If I Sleep for an Hour, 30 People Will Die (2016)

A World War II hero saved the lives of rebels and refugees. Now it’s our turn.
Article word count: 1378

HN Discussion: https://news.ycombinator.com/item?id=19477908
Posted by pmoriarty (karma: 31933)
Post stats: Points: 125 - Comments: 68 - 2019-03-24T18:29:35Z

\#HackerNews #2016 #die #for #hour #people #sleep #will

---

Article content:




[1]Pamela Druckerman
As a teenager, Adolfo Kaminsky saved thousands of lives by forging passports to help children flee the Nazis. He spent his life helping others escape atrocities around the world.

PARIS — It’s 1944, in occupied Paris. Four friends spend their days in a narrow room atop a Left Bank apartment building. The neighbors think they’re painters — a cover story to explain the chemical smell. In fact, the friends are members of a Jewish resistance cell. They’re operating a clandestine laboratory to make false passports for children and families about to be deported to concentration camps. The youngest member of the group, the lab’s technical director, is practically a child himself: Adolfo Kaminsky, age 18.

If you’re doubting whether you’ve done enough with your life, don’t compare yourself to Mr. Kaminsky. By his 19th birthday, he had helped save the lives of thousands of people by making false documents to get them into hiding or out of the country. He went on to forge papers for people in practically every major conflict of the mid-20th century.

Now 91, Mr. Kaminsky is a small man with a long white beard and tweed jacket, who shuffles around his neighborhood with a cane. He lives in a modest apartment for people with low incomes, not far from his former laboratory.

When I followed him around with a film crew one day, neighbors kept asking me who he was. I told them he was a hero of World War II, though his story goes on long after that. It remains painfully relevant today, when children are being bombed in Syria or boarding shabby boats to escape by sea.

Like most Westerners, I usually ignore their suffering, and assume that someone else will step in to help. But Mr. Kaminsky — a poor, hunted teenager — stepped in himself, during the war and then for many different causes afterward. Why did he do it?

It wasn’t for the glory. He worked in secret and only spoke about it years later. His daughter Sarah learned her father’s whole story only while writing a book about him, “[2]Adolfo Kaminsky: A Forger’s Life.” The English translation comes out this week.

It wasn’t for the money, either. Mr. Kaminsky says he never accepted payment for forgeries, so that he could keep his motives clear and work only for causes he believed in. He was perpetually broke, and scraped together a living as a commercial photographer, he said. The wartime work put such a strain on his vision that he eventually went blind in one eye.

Though he was a skilled forger — creating passports from scratch and improvising a device to make them look older — there was little joy in it. “The smallest error and you send someone to prison or death,” he told me. “It’s a great responsibility. It’s heavy. It’s not at all a pleasure.” Years later he’s still haunted by the work, explaining: “I think mostly of the people that I couldn’t save.”

Mr. Kaminsky empathized with refugees partly because he was one himself. He was born in Argentina to Russian Jews who’d first fled Russia to Paris, and then been kicked out of France. When Adolfo was 7, the family, by then with Argentine passports, was allowed to rejoin relatives in France. “It was then that I realized the significance of the word ‘papers,’ ” he explained.

After dropping out of school at 13 to help support his family, he was apprenticed to a clothes dyer, a precursor to the modern dry cleaner. He spent hours figuring out how to remove stains, then read chemistry textbooks and did experiments at home. “My boss was a chemical engineer, and would answer all of my questions,” he said. On weekends he helped a chemist at a local dairy, in exchange for butter.

In the summer of 1943, he and his family were arrested and sent to Drancy, the internment camp for Jews near Paris that was the last stop before the death camps. This time, their passports saved them. Argentina’s government protested the family’s detention, so they stayed at Drancy for three months, while thousands of others were swiftly sent on to die.

Mr. Kaminsky remembered a math professor who had agreed to tutor him in the camp. “One day, when it was time for our classes, he wasn’t there. He hadn’t wanted to tell me beforehand that his name was on the list.”

The Kaminskys were eventually freed, but they weren’t safe in Paris, where Jews were under constant threat of arrest. Soon Argentines were being deported, too.

To survive they would have to go underground. Adolfo’s father arranged to get false papers from a Jewish resistance group, and sent Adolfo to pick them up. When the agent told Adolfo that they were struggling to erase a certain blue ink from the documents, he advised using lactic acid, a trick he’d learned at the dairy. It worked, and he was invited to join the resistance.

Mr. Kaminsky’s cell was one of many. His would get tips on who was about to be arrested, then warn the families, assembling new papers for them on the spot.

The group focused on the most urgent cases: children who were about to be sent to Drancy. They placed the kids in rural homes or convents, or smuggled them into Switzerland or Spain. In one scene from the book, Mr. Kaminsky stays awake for two nights straight to fill an enormous rush order. “It’s a simple calculation: In one hour I can make 30 blank documents; if I sleep for an hour, 30 people will die.”

Historians estimate that France’s Jewish resistance networks together saved 7,000 to 10,000 children. Some 11,400 children were deported and killed.

Image
Adolfo Kaminsky in a darkroom in 2014. As a teenager in World War II, he forged passports for French Jews.CreditRaphael Zubler

After the war, Mr. Kaminsky didn’t plan to keep working as a forger. But through his wartime networks, other movements got in touch. He continued forging papers for 30 more years, playing a small role in conflicts ranging from the Algerian war of independence to the anti-apartheid struggle in South Africa to the Vietnam War, making documents for American draft dodgers. He estimates that in 1967 alone, he supplied forged papers to people in 15 countries.

I can’t vouch for every cause. Some of the rebel groups he supported used violence. And at close range, his stubborn idealism was no doubt maddening. He had two kids soon after World War II, but couldn’t tell them or his ex-wife about his underground work, so they didn’t know why he rarely visited. Girlfriends assumed he was absent because he’d been cheating. He was supposed to follow one woman to America, but never showed up, because he’d joined the Algerian resistance.

“I saved lives because I can’t deal with unnecessary deaths — I just can’t,” he told me. “All humans are equal, whatever their origins, their beliefs, their skin color,” he later added. “There are no superiors, no inferiors. That is not acceptable for me.”

In 1971, convinced that too many different groups knew his identity, and that he’d soon be caught and imprisoned, Mr. Kaminsky quit forging for good, and mostly made a living teaching photography. On a visit to Algiers he met a young law student, of Tuareg ancestry, who was the daughter of a liberal Algerian imam. They’re still married, and have three children.

The last time I saw Mr. Kaminsky, he showed me a photograph he took just after the liberation of Paris. It shows about 30 children who’d come out of hiding, and were hoping to be reunited with their parents.

He knows there are children in similar peril today, and that having the wrong passport can still cost your life. “I did all I could when I could. Now, I can’t do anything,” he said. Surely, though, the rest of us can.

Pamela Druckerman is the author of “Bringing Up Bébé: One American Mother Discovers the Wisdom of French Parenting” and a contributing opinion writer.

Follow The New York Times Opinion section on [3]Facebook and [4]Twitter (@NYTopinion), and sign up for the [5]Opinion Today newsletter.

A version of this article appears in print on , on Page SR9 of the New York edition with the headline: ‘If I Sleep for an Hour, 30 People Will Die’. [6]Order Reprints | [7]Today’s Paper | [8]Subscribe

References

Visible links
1. http://topics.nytimes.com/top/reference/timestopics/people/d/pamela_druckerman/index.html
2. https://doppelhouse.com/adolfo-kaminsky-a-forgers-life/
3. https://www.facebook.com/nytopinion
4. http://twitter.com/NYTOpinion
5. http://www.nytimes.com/newsletters/opiniontoday/
6. http://www.nytreprints.com/
7. http://www.nytimes.com/pages/todayspaper/index.html
8. https://www.nytimes.com/subscriptions/Multiproduct/lp8HYKU.html?campaignId=48JQY

HackerNewsBot debug: Calculated post rank: 106 - Loop: 86 - Rank min: 100 - Author rank: 63

KaTeX – Fast math typesetting library for the web

Simple API, no dependencies – yet super-fast on all major browsers.
Article word count: 94

HN Discussion: https://news.ycombinator.com/item?id=19475273
Posted by tosh (karma: 35021)
Post stats: Points: 145 - Comments: 23 - 2019-03-24T09:01:33Z

\#HackerNews #fast #for #katex #library #math #the #typesetting #web

---

Article content:




Simple API, no dependencies – yet super-fast on all major browsers.
\* Fast: KaTeX renders its math synchronously and doesn’t need to reflow the page.
\* Print quality: KaTeX’s layout is based on Donald Knuth’s TeX, the gold standard for math typesetting.
\* Self contained: KaTeX has no dependencies and can easily be bundled with your website resources.
\* Server side rendering: KaTeX produces the same output regardless of browser or environment, so you can pre-render expressions using Node.js and send them as plain HTML.
Lightning-fast, even on pages with hundreds of expressions:

[1]Installation [2]Documentation [3]View on GitHub

References

Visible links
1. https://katex.org/docs/node.html
2. https://katex.org/docs/api.html
3. https://github.com/KaTeX/KaTeX

HackerNewsBot debug: Calculated post rank: 104 - Loop: 220 - Rank min: 100 - Author rank: 65

Rethinking Streets for Bikes

For too long we’ve been building streets as though they have one function–to move cars quickly. The reality is that streets can to do more than just move cars. They can move people on foot, on bikes,…
Article word count: 183

HN Discussion: https://news.ycombinator.com/item?id=19472597
Posted by dsego (karma: 4075)
Post stats: Points: 124 - Comments: 95 - 2019-03-23T22:05:51Z

\#HackerNews #bikes #for #rethinking #streets

---

Article content:



For too long we’ve been building streets as though they have one function–to move cars quickly. The reality is that streets can to do more than just move cars. They can move people on foot, on bikes, on transit, without hurting vehicular throughput and safety. They can be more than a way to get somewhere else. Good streets are good places, too – public places where people meet, sit and socialize, conduct business, wander about, play, and more.

This new book uses evidence from completed street projects from around the United States in order to help communities imagine alternative futures for their streets. The book does not show hypothetical street re-designs, but actual examples from typical communities to show how they did what they did and see what resulted from the change.
You can receive a copy of Rethinking Streets in one of three ways:
1. [1]Download a PDF copy
2. [2]Purchase a print copy
3. [3]Purchase copies in bulk

For more information, please contact [4]Marc Schlossberg at the University of Oregonʼs [5]Sustainable Cities Institute.

Authors: Marc Schlossberg, PhD, John Rowell, AIA, Dave Amos, Kelly Sanford

References

Visible links
1. https://docs.google.com/forms/d/1SE-pFSh4GKVF-LihcSQcfEX5E4VcUA4YrzmuL0VnDoM/viewform
2. http://www.lulu.com/shop/marc-schlossberg-and-john-rowell-and-dave-amos-and-kelly-sanford/rethinking-streets-an-evidence-based-guide-to-25-complete-street-transformations/paperback/product-21868927.html
3. http://ecommerce.uoregon.edu/order_form/sci-rethinking-streets-evidence-based-guide-25-complete-street-transformations
4. mailto:schlossb@uoregon.edu
5. http://sci.uoregon.edu/

HackerNewsBot debug: Calculated post rank: 114 - Loop: 181 - Rank min: 100 - Author rank: 24

Why Haven't Voters Been Buying the Case for Increasing Housing Supply?

If we were more honest about the limitations of the market, it would be easier to convince people that governments can hold private development accountable.
Article word count: 5317

HN Discussion: https://news.ycombinator.com/item?id=19473052
Posted by jseliger (karma: 48300)
Post stats: Points: 92 - Comments: 149 - 2019-03-24T00:00:46Z

\#HackerNews #been #buying #case #for #havent #housing #increasing #supply #the #voters #why

---

Article content:




[1]Taken during the evening, this image is of Downtown Los Angeles and shows buildings with lights. While you cannot see cars on a highway, you can see the white and red lines of lights, which shows movement.Downtown Los Angeles. Photo by Giuseppe Milo, via flickr, CC BY-NC 2.0

Liam Dillon covers the politics of housing policy more closely and thoughtfully than almost any other journalist in the country and yet he was nearly dumbfounded by the results of a recent survey commissioned by his paper, the Los Angeles Times. [2]The Times and researchers from the University of Southern California asked 1,200 California residents about the causes of the housing crisis. Only 13 percent of respondents blamed the crisis on “too little homebuilding.” Twice as many people included “lack of funding for affordable housing” or “lack of rent control” as top explanations for the problem.

Why Is Housing in California so Unaffordable?

Dillon sought comments from experts who struggled to explain the results; they all agreed that the lack of supply is at the root of the problem. Democratic state Sen. Scott Wiener, who has been leading a truly impressive crusade to get more housing built in California, said it will take time to convince Californians of the housing shortage.

Wiener wasn’t the only person who focused on persuading the public. Both in the comments section on the LA Times website and on Twitter, commenters wondered what it was about supply and demand that voters can’t quite understand. More than one person suggested that all voters be required to take an entry-level economics class.

Given the enormous gulf between the view of Dillon’s experts and the majority of voters, one reaction that was conspicuously missing from the overall response was curiosity. Isn’t it possible that voters understand something that the experts are overlooking?

For the record, let me say that I generally believe the experts: In places where there is high demand, we need to build more housing—subsidized and market-rate housing, and even some luxury housing. It won’t solve the housing crisis on its own, but we can’t solve the crisis without building. So how do we make that happen? We will only see significant increases in the pace of development when the public broadly begins to agree that they are better off with more building than with less. Winning people over to that point of view won’t be easy, but telling people that they are stupid and uninformed is definitely not the right place to start.

It seems to me that if we want to convince people, we ought to stop yelling and start listening.

Why Aren’t Voters Buying the Need for More Building?

This survey perfectly captures the bind that elected officials across the U.S. find themselves in these days. A new breed of [3]YIMBY (Yes, in My Back Yard) activism and academic analysis have together helped big city governments take the first lumbering steps toward higher rates of housing production. We are building more than we have in years. But for the most part, the average voter remains highly skeptical that market-rate real estate development can make a positive difference.

If you are in the group that finds the need to build more to be intuitively obvious, you may be more than a little put out by the LA Times survey results. You may be tempted to wonder why so many people refuse to believe that supply and demand will work the way it works in Econ 101?

In any introductory economics class we learn that supply and demand interact to set prices. If we increase demand (e.g., more people want to live in our cities), the price of a good will rise. In most markets, rising prices will encourage producers to make more of the good in demand, and increased supply will bring prices back down.

In the Econ 101 view, any new unit has the same impact on average rents. It doesn’t matter if the new unit we add sells for many millions of dollars; the household that moves into it vacates another unit, which is then available for someone who earns less money. The process works its way down through the whole economy and everyone, everywhere shares in the benefit.

But a surprising number of people shrug this logic off. William Marble and Clayton Nall in the Stanford University Department of Political Science wanted to see what it would take to change people’s minds on development. They surveyed people in the 20 largest metro areas and found that people formed attitudes toward new development independently from their overall political ideology. Many people who identified the need for housing affordability as an important issue opposed new development. Marble and Nall guessed that if they first provided people with information about how development leads to more housing affordability, people would answer survey questions about development differently. But they found that no matter what message they started with, people’s answers didn’t change. It didn’t help to say that experts agreed, it didn’t help to say that evidence showed that low-income people would benefit, and it didn’t even help to say that President Barack Obama endorsed the research. This finding highlights the challenge facing policymakers; no amount of public education is likely to make a difference. Urban voters seem to understand the argument but remain unpersuaded.

My view is that this tenacity is not the result of a lack of understanding or education. Instead, I think it grows from a sensible feeling that the Econ 101 story greatly overstates the extent to which lower-income people, and even middle-income people, will benefit from luxury development. It is hard for people to articulate this feeling given the degree to which the whole discussion has accepted the simpler premise. And while I believe that resistance to development is causing great harm, particularly for lower-income people, I don’t think we can overcome that resistance without addressing the real question that people are raising. To do that we have to look more closely at who benefits most from new development and think a little harder about what steps local government can take to share that benefit more widely.

What About Everything After Econ 101?

One reason this debate is so frustrating is that Econ 101 is not the right class for housing policy. Housing is different from other goods and services in a number of very important and mostly well-understood ways. And because of this difference, housing is not generally covered in undergraduate economics courses. Housing is advanced economics.

If we’re going to agree on a course of action for housing affordability, we really need to first agree on how the economics work. But we won’t get the policy right by agreeing that the economics are simpler than they really are.

I have spent much of the past decade in the middle of fights over housing production in big cities across America. After one too many debates where both sides seemed to be making up their economic theories on the spot, I decided to look into what the academic research said about the impact of housing production on rents. I learned quickly that there are some questions that Google can’t answer. One reason it was hard to find relevant research is that these questions were the focus of economists in the 1970s and 1980s and many of the relevant papers are not available online. One economist I spoke with said, “Once economists come to a satisfactory answer to a question, people simply stop studying it.”

Starting in the 1940s, economists began to explore the ways that housing markets were different. Housing is immovable and very expensive relative to other goods, people incur significant costs when they choose to move homes, and characteristics of the neighborhood that their home is located in seem to matter as much as the homes themselves when it comes to setting prices. By the 1960s, some economists began to document the process of filtering and to develop theories that would predict how home prices and rents would be impacted by new construction.

By the late 1980s, a group of economists led by Jerome Rothenberg and George Galster undertook an ambitious effort to bring together much of this research into a single economic model of the housing market that would be realistic enough to address the questions facing housing policymakers. They published a series of articles and a textbook, [4]The Maze of Urban Housing Markets, which was described by the publisher as “a powerful new theoretical approach to analyzing urban housing problems and the policies designed to rectify them.” It seemed like they had answered the core economic question once and for all. But even though there has been very little pushback from other economists, this framework does not seem to have changed how we approach housing policy. Probably because only a small number of students in graduate-level housing economics classes have ever heard of this work.

But it’s time to take another look at this research because it directly addresses the specific questions that paralyze policymakers and elected officials today. This approach suggests a view of both the power and the limitations of new development that is dramatically at odds with the point of view that the LA Times described as being shared by all the experts.

The Housing Market is Segmented

The authors of The Maze of Urban Housing Markets analyzed data from dozens of U.S. cities and came to a surprising conclusion: The housing market is segmented. The structure of urban housing markets is better understood as a set of interrelated submarkets that can move somewhat independently than as a single market. It takes a little time to get used to talking about housing this way, but my guess is that when you think about it, you’ll realize that you already see it this way even though it’s not how you generally talk about it.

Think about the price of gasoline. It varies in different parts of the country, but in any given city, gas prices vary only a small amount. You may be willing to pay a few cents more to buy gas from a name-brand station or one closer to your home, but if the prices were much lower somewhere else, people would go there because, let’s face it, gas is gas. The website gasbuddy.com tracks gas prices all across the country. In California, a gallon of gas costs more than $3.50. At the same time people are paying $2.15 or less in parts of Texas. But within any one city, the prices tend to vary by 10 cents or less between stations. In other words, the national gas market is divided into regional submarkets with prices that adjust somewhat independently, but within any one city there is a single market for gas.

Now, compare that with apartments. Obviously the national apartment market is also segmented into different regions where prices move independently. But what about within each city? Sure, we can calculate the average rent for a two-bedroom apartment in each city, but depending on who you are, you might pay a lot more or a lot less than that average. Gas may be gas, but apartments aren’t all the same. The most desirable units in the hottest neighborhoods will cost many times more than the least desirable apartments.

But most apartments aren’t quite unique either. If you rent, my guess is that you looked at less than 10 available apartments before you signed a lease, even though there were hundreds more available in the area. By looking at only a few places, you got a clear sense of the current market price for the kind of apartment you were looking for in the kind of neighborhood where you were looking. And that general sense held up across many slightly different units. There was a market and a market price even if it was not a single citywide market. In a segmented market, the price you pay for an apartment is still set by supply and demand, but it’s not just the overall supply and demand that matters. The rent is at least partly set by the supply of apartments like yours and the amount of demand from people like you.

It’s tempting to think that the issue is just geography: that apartments are just like gas, but instead of different markets in different states, there are different markets in each neighborhood. Clearly neighborhoods are important, but the research suggests that both location and other quality factors and building amenities combine to define distinct submarkets. You can think of each submarket as all of the different units that one kind of person might consider when they are looking to move. They may be in several different neighborhoods, but they will be of similar overall quality and desirability and they will have similar prices.

It’s easier to see how this works if you think about student housing. Student units have to be somewhat close to a university and be available to rent by the academic term instead of the year. But not all housing near university campuses is student housing. You can often tell the difference from the street because, apparently, students don’t care about landscaping. In some neighborhoods, two different markets—student and non-student—operate side by side on the same block.

Like any product, the rent for student housing is determined by supply and demand, but it’s mostly the supply of student housing and the demand from students that matters. When a university’s enrollment drops, the rents for student housing drop because student-housing vacancies rise. If they fall enough, landlords may convert some student housing to housing for other people. But that change will come with a cost. For one thing, the landlord may have to invest in landscaping, not to mention kitchen and bathroom remodeling. So student housing is a distinct submarket. Because housing units can be moved into or out of the student submarket, the student prices are not fully independent from the non-student market.

Rothenberg and his colleagues found that the student market is not unique in this sense. They saw a similar pattern in every community. Housing markets were segmented by quality and the supply and demand in each submarket resulted in semi-independent price movements. A community might see rising prices in the high end of the market even as prices in the middle or at the bottom were falling. And vice versa.

They considered how housing markets that were segmented in this way would respond to a range of different changes in supply or demand in any one segment. One scenario that they evaluated most closely was the situation where new housing was added at the most expensive end of the market. What they found was that when new luxury homes are built, there is an immediate response within that specific submarket. Prices drop in response to increased supply just as we would expect from Econ 101.

In the next subgroup down market, prices fall also, but not by as much. When luxury prices drop, some people will upgrade from merely high-cost housing into the luxury market. This reduces demand in the high-cost submarket, which lowers the price. But for a number of reasons, each new luxury unit was associated with less than one household stepping up. So the price reduction is less in the second tier. And for each step further down, the effect of the added supply was diminished to the point where the addition of new luxury housing made relatively little difference to the rent for low-cost housing units.

The Most Important Number You Have Never Heard Of

If markets are indeed segmented in this way, then the results of the LA Times survey may make somewhat more sense. Why are people in Los Angeles not excited about the potential for new luxury development to make all housing more affordable? For the same reason they don’t see new buildings in Seattle or Portland helping them. Surely it is at least partly true that the more Seattle builds, the less pressure there will be on California’s housing markets. (Lower prices in Seattle will cause some people to move north.) But we all intuitively understand that this will make only a very small difference in the cost of housing in LA. New luxury towers in the city seem no different to many Los Angeles residents, who feel like they occupy an entirely different world.

Of course, new buildings in LA (even luxury buildings) are likely to have a much bigger impact on middle- and low-income rents in the city than any buildings in Seattle. But, sadly, it turns out that we don’t know how much bigger. The key number is what economists call “cross-price elasticity of demand,” a measure of how readily people switch from one submarket to another.

“Elasticity” is the kind of jargon that keeps economists in business. “Elasticity of demand” is the extent to which the quantity of a product that consumers demand changes as the price changes. For most products, if we lower the price, people buy more; elasticity is the measure of how much more. If a good is highly elastic that means that it is price sensitive—a 10 percent drop in price will result in more than a 10 percent increase in the quantity demand; a 10 percent increase in price will cut demand by more than 10 percent.

A cross-price elasticity of demand (XED) instead measures how a change in the price of one product impacts the level of demand for another product. For example, if the price of gas rises, the demand for public transit increases. Driving and transit are what economists call substitutes—you can trade one for the other— but they are not perfect substitutes, which means that even when gas prices spike, transit ridership only rises a little. In this case, economists would say the cross-price elasticity is less than 1.

Similarly, economists have studied the cross-price elasticity of demand for butter and margarine and estimated it to be .66. This means that if the price of butter falls by 10 percent, then margarine consumption will fall, but only by 6.6 percent. Some people are buying margarine because it is cheaper than butter, but some people just prefer margarine.

Why Does This Matter?

If housing markets are segmented, then when we build more luxury housing, the price of luxury housing falls (Econ 101). But if each new luxury unit does not correspond to one less household in the next market down (the ‘high-cost’ submarket), then the prices in the high-cost market will move less noticeably than the luxury prices.

Why wouldn’t there be a 1-1 change? For every new luxury unit, doesn’t someone vacate a less expensive unit down market? Not exactly. There are many reasons why the submarket units are imperfect substitutes. For one thing, as prices fall, households in the luxury segment of the market may consume more housing. This can happen when someone buys a second home or even when two roommates respond to lower prices by each renting their own place. But also, some luxury units may be taken off the market when prices fall, while others may be downgraded to lower-quality buildings because the lower rents may no longer be enough to support luxury amenities and services. There are a great many possible permutations, but at each stage in the process, adding one unit or removing one household from one tier does not automatically mean that one additional household will step up into that tier.

I think it is clear from this that we can’t expect new luxury development to have the same impact on rents at the bottom of the market as it does at the top. But how much less impact is not clear. In technical terms, there is no good recent data on the cross-price elasticity of demand between luxury housing and lower-cost housing. A large group of urbanists have taken to talking about the housing market as if these elasticities were close to 1 (increases in luxury supply have a big impact on the low-end rent). But it’s just as likely that the elasticity is closer to 0 (the rent at the bottom of the market is very insensitive to the level of supply at the top of the market).

One of the things that I find most striking about this way of thinking is how much the list of things that might cause the XED to be much lower than 1 looks like the list of concerns you hear from people who don’t see new development as the key solution to the housing crisis. There has been quite a lot of pushback against new development on the grounds that many units are sold to Russian oligarchs or other foreign investors. By itself, this is a spectacularly weak argument against building because the total number of oligarch units is so low. But taken together with other factors, it seems like just one more way the benefit of luxury development never quite reaches the masses.

Similarly, people like to complain that new apartment buildings are mostly made up of studios and one-bedroom units. In an unsegmented view of the housing market, this should not matter because the people moving into these units will vacate units somewhere else in the city. But, if we see the market as segmented, then it matters that new buildings are serving young single people because we can expect to see the biggest price impacts on other housing that those singles would have occupied. Other young singles will get most of the benefit. When you look at all of these complaints together, they paint a picture of an electorate laser-focused on the one number that really does matter: cross-price elasticity of demand.

So much depends on this one number. If the elasticity is 1, then all new building is inherently good for everyone equally and we should build as much as possible without worrying much about who we are building for. At any point below 1, luxury development is most beneficial for the rich and less helpful for everyone else. Below 1, any policy that results in new buildings that serve the middle of the market will increase the degree to which middle- and-low income people benefit from building. At some point we get far enough below 1 that luxury housing development stops looking like a reasonable solution to the housing affordability problem at all. At that point, other strategies, like subsidized affordable housing, start to seem like more obvious solutions.

What Should we Do?

There is a meaningful debate about whether new developments push rents up or down in the neighborhoods immediately surrounding them. My view is that there are sensitive neighborhoods where fancy new buildings can accelerate gentrification, but there are also many more neighborhoods where that is not much of a risk. At the regional scale, there seems to be wide agreement and strong evidence showing that more building leads to lower average rents. But the average rent does not tell the whole story; who we build for seems to matter. If we build only high-end housing, everyone may see some benefit, but most of the benefit will flow to the rich. Low-income people may (depending on XED) receive very little benefit. Of course, if we don’t build at all, no one benefits. So, in some very real sense, some building is better than no building. But we have more options.

The most compelling policy implication of this switch to a segmented view of housing markets is that we need to do more to encourage development of new buildings that are targeted for lower- and middle-income households.

We invest a significant amount of public money in subsidized affordable housing—primarily through the Low-Income Housing Tax Credit program. We tend to justify this investment primarily based on how those buildings affect the families who live in them. But think about how adding new supply at the lower end of the market impacts the rents that everyone else will pay. Just like with high-end housing, the benefit accrues most noticeably within the same sub-segment of the market where new building happens. When we add lower-income units, we increase the supply and reduce competition for lower-cost housing and the benefit filters out in both directions to help people renting in the market segments just above and below. People at the top of the market receive the least benefit from this kind of new supply.

Listening to Voters

If we accept that the market is segmented, then it matters who we build for. In one obvious way, that is bad news. Building for the rich is simply much easier than building for anyone else, given the high construction costs. But for policymakers who are struggling with how to get more housing built, this should be very good news. If it matters who we build for, we can do something about that and we can get the great bulk of voters behind that kind of action.

Yes, local governments in hot market areas must take bold action to enable more development, but it matters to voters what kind of development results and, specifically, who that development is for. Instead of (or in addition to) focusing on changes that support development in general, we should identify the policies that change who benefits from new development and we should stress that aspect when we explain these policies to the public.

Changing who benefits is not easy or inexpensive. But the research on public attitudes suggests that even small changes along these lines can make a big difference.

Michael Hankenson, a graduate student at Harvard, surveyed renters in high-cost urban markets. He found widespread opposition to new development with a majority supporting an outright ban on new building in their own neighborhood—even among people who claimed to support the need for building more housing generally. But, among renters, attitudes toward affordable housing were quite different. While renters were less likely to support market-rate housing the closer it was located to their house, for affordable housing the result was reversed. People supported affordable housing more strongly the closer it was to their home. And, surprisingly, this difference was exactly the same for projects that were 100 percent affordable and those with only 25 percent affordable housing. Including a share of affordable units in primarily market-rate buildings dramatically changed people’s attitude toward the project. Hankenson didn’t test levels of affordability below 25 percent, but the popularity of inclusionary housing policies in cities across the country suggests that this is a common reaction and it is relevant even at much lower shares of affordable housing. People want to support development when they see it as not exclusively benefiting the rich.

Growing Bottom–up Housing Policies

One clear implication of this perspective is that we need to do even more to support development of income- and price-restricted affordable housing units. These units add to supply from the bottom up. New units come directly into the submarkets where they will make the most difference. But this is not news to local policymakers. More and more cities and counties have, in fact, been identifying local funding sources to subsidize affordable units. This is the right first step and hopefully a trend that will continue. But there is also a limit to the extent to which local taxpayers are likely to fund affordable housing development—however much they may acknowledge the problem. Ultimately only the federal government can realistically fund a large-scale expansion of affordable housing development.

Similarly, nearly every major American city has now adopted some form of inclusionary housing—requiring, or in some cases incentivizing, developers to include below-market-rate units in new market-rate buildings. But there is a limit, and sometimes a fairly low limit, to how much affordable housing can be included in a project before it is financially infeasible to develop at all. Cities however, are not powerless against this economic reality. Local planning and zoning regulations have enormous impact on what and where it is financially feasible to build. Time and again, urban voters have shown a willingness to trade relaxed density rules or reduced parking requirements in exchange for more affordable housing units.

The same voters who are consistently skeptical of market-rate building for its own sake seem to have no reservation about using market-rate development as a tool to get more affordable housing. The experts have had little success in convincing voters to remove restrictive zoning rules for the sake of more building in general, but there is a proven track record of doing exactly that in exchange for more affordable housing units. Pursuing regulatory reform on its own in the absence of clear requirements for affordable housing is not a good use of energy. It might pass in the state house, but the LA Times survey shows why someone in every city hall is going to try to fight back. However, when we tie reducing regulations to affordable housing requirements (of almost any kind) we can all pull in the same direction.

Experiment With Middle-Out Housing Policies

Where the policy choices become truly difficult is when we move up the income scale to think about more middle-income housing. If markets are segmented, then building middle-income housing would be vastly more helpful than only building luxury housing because instead of filtering from the top down, the benefits would filter from the middle out. While the market is unlikely to ever provide high-quality, low-income housing without public subsidy, in the past the market did provide plenty of middle-income housing and it could again.

In the early 20th century the federal government’s early interventions in the housing market focused on supporting the creation of market-rate, middle-income housing. Federal mortgage guarantee programs reduced the risk and cost of building. And many cities have issued bonds to finance middle-income apartment buildings. These programs can be abused, but they show that local governments can take an active role in ensuring that financing is available for new production of housing that serves more middle-income segments of the market.

And there is also growing interest in changing design and development standards to make it easier to build for the middle of the market. The recent growth of accessory dwelling unit programs can be seen as one way to do this. Several cities have been considering legalizing fourplexes in single-family neighborhoods. While these changes don’t guarantee that new housing won’t be expensive, if they are implemented at a sufficient scale, it is likely that the new units will be much more modestly priced than most multifamily development has been. Even if these new units don’t directly serve lower-income households, their benefit is more likely to reach the lower end of the market because they will start closer to the middle than much of the multi-family housing we have been building in recent years.

Living with Supply Skepticism

Time and again, housing policy ‘experts’ in this country have helped rationalize and implement policies that enriched property owners and real estate investors at the expense of communities, particularly those of color. We bulldozed people’s homes. We wrote racism into the zoning code. We promoted harmful financing scams. Our collective failure to own up to these past harms is a surprisingly central force driving the current housing shortage. Many people simply aren’t inclined to trust the experts any more.

But it is easy to overlook the many times when the partnership between the public sector and the real estate industry worked the other way. At the beginning of the 20th century, most Americans lived without indoor plumbing, fires regularly leveled whole neighborhoods, and substandard and overcrowded housing was a major contributor to deadly epidemics. Private builders all but eliminated some of those concerns from our public life. Builders didn’t install fire-rated walls or sprinkler systems to save money. They did it because laws informed by the experts made them. Homebuilders didn’t invent the 30-year, fixed-rate mortgage to help middle-income people afford homes. Experts inside the federal government did.

Urban voters aren’t likely to embrace a strategy of getting out of the way and letting the market do its magic. Many are inclined, instead, to stand in the way to keep the market from doing harm. But if we were more honest about the limitations of the market, it would be easier to convince people that local governments can hold private development accountable for delivering benefits to people who are being left out.

This article appears in the Winter 2018-19 edition of Shelterforce magazine. [5]Subscribe here.

References

Visible links
2. https://www.latimes.com/politics/la-pol-ca-residents-housing-polling-20181021-story.html
3. https://shelterforce.org/tag/yimby/
4. https://www.press.uchicago.edu/ucp/books/book/chicago/M/bo3630137.html
5. https://ezsubscription.com/she/subscribe

HackerNewsBot debug: Calculated post rank: 111 - Loop: 124 - Rank min: 100 - Author rank: 60

#For you are in Elysium, and you're already dead!

Inspired by the final quote in this post on Ilona Andrew's blog (which sounded to me like it was generated by a neural net that had been trained on rousing speeches) http://www.ilona-andrews.com/wcb-day-3/ I talked to Janelle Shane, of neural net knitting fame*, yesterday. The question was whether or not rousing speeches before battle (or speeches that had that sort of feel) had enough similar characteristics to train a neural net on them so that it produces it's own rousing speeches. We don't know. There is only one way to answer this question!

I volunteered to curate the collection of text, and this will only go forward if we can get a large enough sample. (Around ten thousand words of text - challenging, but doable, I think, if a number of people pitch in a speech or two. This means that other people share our warped sense of humor, of course...)

What we need: The text of rousing speeches (before battle, or something battle-like). Historical, fictional, books, plays, movies, radio shows, bring them on!

What to do with them: Please include the source, a link to the source if available, and your name (or handle) if you'd like credit (this is just for fun) and attach them to this post here or send them to tylik@u.washington.edu with the subject line Speeches! Encourage others to play - I'm really hoping we get to see an AI exhorting to stand firm and do or die for us and our sisters and ...!

• Seriously, if you don't know her, google her projects. It will make your day better.

Why Should Americans Be Grateful for $137 Insulin? Germans Get It for $55

Only by the bizarre logic of the U.S. pharmaceutical industry does this drug count as any kind of generic.
Article word count: 1013

HN Discussion: https://news.ycombinator.com/item?id=19460946
Posted by pseudolus (karma: 14070)
Post stats: Points: 87 - Comments: 132 - 2019-03-22T09:59:08Z

\#HackerNews #137 #americans #for #germans #get #grateful #insulin #should #why

---

Article content:




Only by the bizarre logic of the U.S. pharmaceutical industry does this drug count as any kind of generic.

Image
CreditCreditAyo888/iStock, via Getty Images Plus

This month, Eli Lilly and Company announced with some fanfare that it was manufacturing a generic version of its own best-selling insulin brand, Humalog, which it would sell for half off — $137.35 versus about $275.

David Ricks, the chief executive of Lilly, said the company was making this seemingly beneficent gesture because “many patients are struggling to afford their insulin.”

But they’re struggling, in large part, because since 2001 Lilly has [1]raised the price of a vial of Humalog to about $275, from $35. Other insulin makers have raised prices similarly.

In Germany, the list price of a vial of Humalog is about $55 — or $45 if you buy five at a time — and that includes some taxes and markup fees. Why not just reduce the price in the United States to address said suffering?

Instead, Lilly decided to come out with a new offering, a so-called authorized generic. This type of product is made by or under an agreement from the brand manufacturer. The medicines are exactly the same as the brand-name drug — often made in the same factory with the same equipment to the same formula. Only the name and the packaging are different.

It is perhaps, a sign of how desperate Americans are for something — anything — to counteract the escalating price of drugs that Lilly’s move was greeted with praise rather than a collective “Huh?”

Imagine if Apple sold a $500 iPhone for $250 if it was called, say, a yPhone, and simply lacked the elaborate white box and the little Apple on back. That would be patently absurd. An iPhone in a brown paper bag is still an iPhone. And Humalog with a new name isn’t a generic — except according to the bizarre logic of the pharmaceutical industry. Like so many parts of our health care system, its existence has more to do with convoluted business arrangements than health.

Generics, as traditionally understood, are copies of brand name drugs made by competing manufacturers once the original patent protection has expired. [2]To be approved by the Food and Drug Administration, they have to have the same active chemical ingredients as the brand drug, and be absorbed equally into the blood, though they could look different and contain different inactive additives.

Historically and in practice they tend also to be far cheaper, because the advent of generics often introduces robust competition into the market. That is why brand manufacturers sometimes produce an authorized generic once they lose patent protection. That way, they can compete at the lower price point, while preserving the original for those with extreme label loyalty.

More recently, authorized generics like Lilly’s stem largely from a different strategy — based on the perverse ways money flows through our health system and who keeps the cash.

Over the last 20 years, drug makers have continuously raised the price of some essential medicines in the United States because, well, they can in a country that doesn’t set drug prices. And they do — until the bad publicity catches up with them.

Mylan got [3]hauled before Congress in 2016 for raising the price of an EpiPen. Now it’s insulin’s turn. The other two major brand makers of insulin products — Novo Nordisk and Sanofi — have [4]raised prices in lock step with Lilly. But they are based in Europe, so the Indiana-based Lilly has been the primary focus of angry protests here.

Part of insulin’s price rise in the United States is because of the middlemen who buy the drugs on behalf of insurers and hospitals and negotiate discounts off the list price for their clients. So Lilly often doesn’t make the full $275 a vial (though, since rebates are secret, we don’t know how much less).

By selling an authorized generic, rather than merely lowering the brand’s price, Lilly is essentially doing an end-run around those middlemen and giving patients who don’t purchase through an insurer another option.

It is also making sure that if and when cheaper versions of Humalog emerge, it will have an offering to compete.

In fact, a “biosimilar” version of Humalog already exists. It was introduced to the United States last year. And yet [5]it costs around the same price as the brand name drug. Why? It is made by Sanofi, which has no interest in starting a price war to lower costs.

Finally, Lilly has generated a few positive headlines. “[6]Eli Lilly Will Sell Half-Price Version of Humalog, Its Best-Selling Insulin,” this paper reported.

Mylan effectively calmed its EpiPen PR crisis by introducing a cheaper authorized generic. Now Lilly, following a similar playbook, is hoping for a similar result.

Will it work? Politicians and patients will decide.

But they might well keep these two thoughts in mind: If the product being sold was electricity or gas for your car, a price rise of more than 600 percent over 15 years would be regarded as price gouging and wouldn’t be tolerated. And in Germany and many other developed countries, there is no need for a $137.35 vial of “authorized generic” for Humalog. At around $50 a vial, Humalog as Humalog costs far less.

Elisabeth Rosenthal, a former New York Times correspondent, is the editor in chief of Kaiser Health News and the author of “An American Sickness: How Healthcare Became Big Business and How You Can Take It Back.”

The Times is committed to publishing [7]a diversity of letters to the editor. We’d like to hear what you think about this or any of our articles. Here are some [8]tips. And here’s our email: [9]letters@nytimes.com.

Follow The New York Times Opinion section on [10]Facebook, [11]Twitter (@NYTopinion) and [12]Instagram.

Correction: March 21, 2019

An earlier version of this article and a headline with it misstated the cost of the generic version of Humalog. It is $137.35, not $137.50.

A version of this article appears in print on , on Page A23 of the New York edition with the headline: Half-Off Insulin? It’s Not as Generous As It Sounds. [13]Order Reprints | [14]Today’s Paper | [15]Subscribe

References

Visible links
1. https://www.ontrackdiabetes.com/type-1-diabetes/insulin-prices-still-high
2. https://www.fda.gov/ForConsumers/ConsumerUpdates/ucm340343.htm
3. https://www.nytimes.com/2018/08/16/health/epipen-generic-drug-prices.html?module=inline
4. https://www.ft.com/content/b102475a-1460-11e9-a581-4ff78404524e
5. https://khn.org/news/flurry-of-federal-and-state-probes-target-insulin-drugmakers-and-pharma-middlemen/
6. https://www.nytimes.com/2019/03/04/health/insulin-price-humalog-generic.html?module=inline
7. https://www.nytimes.com/2019/01/31/opinion/letters/letters-to-editor-new-york-times-women.html
8. https://help.nytimes.com/hc/en-us/articles/115014925288-How-to-submit-a-letter-to-the-editor
9. mailto:letters@nytimes.com
10. https://www.facebook.com/nytopinion
11. http://twitter.com/NYTOpinion
12. https://www.instagram.com/nytopinion/
13. http://www.nytreprints.com/
14. http://www.nytimes.com/pages/todayspaper/index.html
15. https://www.nytimes.com/subscriptions/Multiproduct/lp8HYKU.html?campaignId=48JQY

HackerNewsBot debug: Calculated post rank: 102 - Loop: 198 - Rank min: 100 - Author rank: 74

4chan, 8chan blocked by Australian and NZ ISPs for hosting shooting video

Widespread website blocking being used to limit spread of terror attack video.
Article word count: 687

HN Discussion: https://news.ycombinator.com/item?id=19443986
Posted by geephroh (karma: 349)
Post stats: Points: 84 - Comments: 151 - 2019-03-20T16:44:47Z

\#HackerNews #4chan #8chan #and #australian #blocked #for #hosting #isps #shooting #video

---

Article content:




[1]A laptop with a no-entry sign over its screen.

Internet service providers in Australia have temporarily blocked access to dozens of websites, including 4chan and 8chan, that hosted video of last weekʼs New Zealand mass shooting. New Zealand ISPs have also been blocking websites that host the video.

In Australia, ISP Vodafone said that blocking requests generally come from courts or law enforcement agencies but that this time ISPs acted on their own. "This was an extreme case which we think requires an extraordinary response," Vodafone Australia said in a statement, according to an Australian Associated Press (AAP) [2]article yesterday.

Telstra and Optus also blocked the sites in Australia. Besides 4chan and 8chan, ISP-level blocking affected the social network Voat, the blog Zerohedge, video hosting site LiveLeak, and others. "The ban on 4chan was lifted a few hours later," AAP wrote.

"The ISPsʼ decision to block access to websites was controversial as they acted to censor content without instruction from either the Australian Communications and Media Authority or the eSafety Commissioner, and most smaller service providers have decided to keep access open," The Australian Financial Review [3]wrote.

The ISPs are facing some government pressure, though. Australia Prime Minister Scott Morrison called Telstra, Optus, and Vodafone to a meeting to discuss ways to prevent distribution and livestreaming of violent videos, Financial Review wrote.

"We understand this may inconvenience some legitimate users of these sites, but these are extreme circumstances and we feel this is the right thing to do," Telstra said in a statement, according to AAP. Optus said it decided to block websites hosting the video after "reflecting on community expectations."

The website blocking is temporary and expected to be lifted when video of the attack is removed, [4]according to Guardian Australia. Facebook and Twitter werenʼt blocked, "because they are taking active steps of their own to remove the material from their pages." Facebook has [5]removed at least 1.5 million videos of the attack from its website.

Still, LiveLeak was blocked even though it took copies of the video off its platform.

Communications Alliance, a trade group that represents Australian telcos, said ISPs tried to minimize inconvenience for users despite blocking websites.

"These ISPs have sought to balance community expectations to remove access to the video with the need to minimize any inconvenience that may arise from legitimate content being blocked as an unavoidable, temporary consequence," Communications Alliance said, according to AAP.

New Zealand blocking

New Zealand ISPs took a similar approach. "The countryʼs main Internet service providers, Spark, Vodafone, Vocus and 2degrees, are blocking any website which has footage of the Friday 15 March Christchurch mosque shootings," CIO New Zealand [6]wrote on Sunday.

The ISPs "agreed to work together to identify and block access at [the]DNS level to such online locations," such as 4chan and 8chan, according to a [7]Bleeping Computer article on Saturday.

"This is an unprecedented move by the telecommunications industry, but one that they all agree is necessary," New Zealand Telecommunications Forum Chief Executive Geoff Thorn said, according to CIO. "The industry is working together to ensure this harmful content canʼt be viewed by New Zealanders."

Thorn acknowledged that "there is the risk that some sites that have legitimate content could have been mistakenly blacklisted, but this will be rectified as soon as possible."

The [8]white nationalist terrorist attacked during Friday prayer at the Al Noor Mosque and the Linwood Islamic Centre in Christchurch, New Zealand, and [9]killed 50 people while injuring 50 more. The gunman live-streamed [10]17 minutes of the attack.

New Zealand authorities have been arresting people who share video of the shooting. As we noted in [11]our coverage of the arrests, New Zealand and most other countries donʼt have free speech protections as extensive as those found in the US.

Australia and New Zealand also do not have net neutrality rules that prevent ISPs from blocking websites. In the US, net neutrality rules were [12]taken off the books last year. Even when US rules were in place, the ban on blocking only applied to lawful Internet content, and the rules also did not apply when ISPs had to cooperate with law enforcement, public safety, or national security authorities.

References

Visible links
2. https://www.sbs.com.au/news/telcos-block-access-to-websites-continuing-to-host-christchurch-terror-footage
3. https://www.afr.com/business/telecommunications/pm-drags-isps-into-postchristchurch-content-control-meeting-as-sites-get-blocked-20190320-h1cl2q
4. https://www.theguardian.com/technology/2019/mar/19/australian-telcos-block-dozens-of-websites-hosting-christchurch-terror-video
5. https://arstechnica.com/tech-policy/2019/03/facebook-no-one-reported-nz-shooting-video-during-17-minute-livestream/
6. https://www.cio.co.nz/article/658895/nz-isps-block-websites-footage-christchurch-shooting/
7. https://www.bleepingcomputer.com/news/security/new-zealand-mobile-carriers-block-8chan-4chan-and-liveleak/
8. https://www.latimes.com/world/la-fg-new-zealand-shooting-suspect-20190315-story.html
9. https://www.abc.net.au/news/2019-03-17/christchurch-shooting-death-toll-rises-to-50-new-zealand/10909288
10. https://www.nzherald.co.nz/nz/news/article.cfm?c_id=1&objectid=12213076
11. https://arstechnica.com/tech-policy/2019/03/new-zealand-men-could-get-14-years-for-sharing-massacre-video/
12. https://arstechnica.com/tech-policy/2018/06/ajit-pai-says-youre-going-to-love-the-death-of-net-neutrality/

HackerNewsBot debug: Calculated post rank: 106 - Loop: 424 - Rank min: 100 - Author rank: 96

Cockpit voice recorder of Lion Air jet depicts pilots' frantic search for fix

The pilots of a doomed Lion Air Boeing 737 MAX scoured a handbook as they strugg...
Article word count: 1039

HN Discussion: https://news.ycombinator.com/item?id=19439601
Posted by petethomas (karma: 31031)
Post stats: Points: 178 - Comments: 154 - 2019-03-20T06:39:49Z

\#HackerNews #air #cockpit #depicts #fix #for #frantic #jet #lion #pilots #recorder #search #voice

---

Article content:




JAKARTA/SINGAPORE/PARIS (Reuters) - The pilots of a doomed Lion Air Boeing 737 MAX scoured a handbook as they struggled to understand why the jet was lurching downwards, but ran out of time before it hit the water, three people with knowledge of the cockpit voice recorder contents said.

The investigation into the crash, which killed all 189 people on board in October, has taken on new relevance as the U.S. Federal Aviation Administration (FAA) and other regulators grounded the model last week after a second deadly accident in Ethiopia.

Investigators examining the Indonesian crash are considering how a computer ordered the plane to dive in response to data from a faulty sensor and whether the pilots had enough training to respond appropriately to the emergency, among other factors.

It is the first time the voice recorder contents from the Lion Air flight have been made public. The three sources discussed them on condition of anonymity.

Reuters did not have access to the recording or transcript.

A Lion Air spokesman said all data and information had been given to investigators and declined to comment further.

The captain was at the controls of Lion Air flight JT610 when the nearly new jet took off from Jakarta, and the first officer was handling the radio, according to a preliminary report issued in November.

Just two minutes into the flight, the first officer reported a “flight control problem” to air traffic control and said the pilots intended to maintain an altitude of 5,000 feet, the November report said.

The first officer did not specify the problem, but one source said airspeed was mentioned on the cockpit voice recording, and a second source said an indicator showed a problem on the captain’s display but not the first officer’s.

The captain asked the first officer to check the quick reference handbook, which contains checklists for abnormal events, the first source said.

For the next nine minutes, the jet warned pilots it was in a stall and pushed the nose down in response, the report showed. A stall is when the airflow over a plane’s wings is too weak to generate lift and keep it flying.

The captain fought to climb, but the computer, still incorrectly sensing a stall, continued to push the nose down using the plane’s trim system. Normally, trim adjusts an aircraft’s control surfaces to ensure it flies straight and level.

“They didn’t seem to know the trim was moving down,” the third source said. “They thought only about airspeed and altitude. That was the only thing they talked about.”

Boeing Co declined to comment on Wednesday because the investigation was ongoing.

FILE PHOTO: Cockpit Voice Recorder (CVR) of a Lion Air JT610 that crashed into Tanjung Karawang sea is seen inside a special container after it was found under the sea, during a press conference at Tanjung Priok Port in Jakarta, Indonesia, January 14, 2019. REUTERS/Willy Kurniawan/File Photo

The manufacturer has said there is a documented procedure to handle the situation. A different crew on the same plane the evening before encountered the same problem but solved it after running through three checklists, according to the November report.

But they did not pass on all of the information about the problems they encountered to the next crew, the report said.

The pilots of JT610 remained calm for most of the flight, the three sources said. Near the end, the captain asked the first officer to fly while he checked the manual for a solution.

About one minute before the plane disappeared from radar, the captain asked air traffic control to clear other traffic below 3,000 feet and requested an altitude of “five thou”, or 5,000 feet, which was approved, the preliminary report said.

As the 31-year-old captain tried in vain to find the right procedure in the handbook, the 41-year-old first officer was unable to control the plane, two of the sources said.

The flight data recorder shows the final control column inputs from the first officer were weaker than the ones made earlier by the captain.

“It is like a test where there are 100 questions and when the time is up you have only answered 75,” the third source said. “So you panic. It is a time-out condition.”

The Indian-born captain was silent at the end, all three sources said, while the Indonesian first officer said “Allahu Akbar”, or “God is greatest”, a common Arabic phrase in the majority-Muslim country that can be used to express excitement, shock, praise or distress.

[1]
[IMG][2]REUTERS GRAPHICS

Indonesia plane crashA Lion Air flight with 189 people on board crashed into the sea shortly after taking off from the Indonesian capital, Jakarta.

The plane then hit the water, killing all 189 people on board.

French air accident investigation agency BEA said on Tuesday the flight data recorder in the Ethiopian crash that killed 157 people showed “clear similarities” to the Lion Air disaster. Since the Lion Air crash, Boeing has been pursuing a software upgrade to change how much authority is given to the Maneuvering Characteristics Augmentation System, or MCAS, a new anti-stall system developed for the 737 MAX.

The cause of the Lion Air crash has not been determined, but the preliminary report mentioned the Boeing system, a faulty, recently replaced sensor and the airline’s maintenance and training.

On the same aircraft the evening before the crash, a captain at Lion Air’s full-service sister carrier, Batik Air, was riding along in the cockpit and solved the similar flight control problems, two of the sources said. His presence on that flight, first reported by Bloomberg, was not disclosed in the preliminary report.

The report also did not include data from the cockpit voice recorder, which was not recovered from the ocean floor until January.

Slideshow (2 Images)

Soerjanto Tjahjono, head of Indonesian investigation agency KNKT, said last week the report could be released in July or August as authorities attempted to speed up the inquiry in the wake of the Ethiopian crash.

On Wednesday, he declined to comment on the cockpit voice recorder contents, saying they had not been made public.

Reporting by Cindy Silviana in Jakarta, Jamie Freed in Singapore and Tim Hepher in Paris; writing by Jamie Freed; Editing by Gerry Doyle

Our Standards:[3]The Thomson Reuters Trust Principles.

References

Visible links
1. https://graphics.reuters.com/INDONESIA-CRASH/0100810F1X2/index.html
2. https://graphics.reuters.com/INDONESIA-CRASH/0100810F1X2/index.html
3. http://thomsonreuters.com/en/about-us/trust-principles.html

HackerNewsBot debug: Calculated post rank: 170 - Loop: 279 - Rank min: 100 - Author rank: 85

Rules for Autocomplete

Posted on March 19, 2019 Autocompleting text with known values seems like an easy problem to solve, but so so so many UIs get it wrong. I see this frequently enough that, rather than complain about…
Article word count: 815

HN Discussion: https://news.ycombinator.com/item?id=19438826
Posted by piinbinary (karma: 1075)
Post stats: Points: 134 - Comments: 35 - 2019-03-20T03:58:47Z

\#HackerNews #autocomplete #for #rules

---

Article content:

Posted on March 19, 2019

Autocompleting text with known values seems like an easy problem to solve, but so so so many UIs get it wrong. I see this frequently enough that, rather than complain about them individually, I though I’d just write down the set of rules they often break.

There may be cases where some of these rules aren’t the best thing to do, but there should be a good reason for breaking one of these rules (for example, some of these rules don’t apply if a field must be filled with a value from a fixed set, like the list of US states). Following these rules should always result in at very least a sane experience:
\* Exact matches always come first. If the user types in an option exactly, other options must always go below the one matching what they typed.
\* Besides exact matches, prefix matches come first. If I type “Fr” I want “Fresno” not “San Francisco.”
\* After prefix matches, it can fall back to substring matches. Starting with substring matches would almost always be the wrong thing to do since users start typing words at the beginning not somewhere in the middle.
\* If there are no substring matches, it can optionally fall back to subsequence matching. This is only useful in some cases.
\* If there are no subsequence/substring matches, it can optionally fall back to approximate matches. This is rarely necessary to provide.
\* Matches should be sorted alphabetically.
\* When one option is the prefix of another, put the shortest one first.
\* The matching should probably be case insensitive unless there are two options that differ only by case. In that case (pun intended), prefer the one that more closely matches the user’s input.
\* The action to make use of the selection (e.g. to search the term) must be a different key than the action to accept the first suggestion unless you have to do something first to start using autocomplete suggestions (e.g. hit the down arrow). The user should never have to take extra steps to not use autocomplete.
\* The tab key should always accept the current autocomplete option, if there is one (whether it is highlighted in a dropdown or suggested inline).
\* If an autocomplete selection is highlighted, pressing enter should always make use of that selection. It should never revert to a default selection, even if part of the page is loading. If something is still loading, it is better to ignore the enter press than to navigate to the wrong destination.
\* Autocomplete should almost never activate on keypresses when the field using autocomplete is not focused.
\* The results should come in <100ms in the common case.
\* It’s OK to pause autocompleting when the user is rapidly typing additional letters, but don’t show results from the middle of that burst of letters after the user has finished typing. It’s better to wait longer and change the results once than to show results that appear finished but aren’t. (I admit that this rule is quite subjective.)
\* If an option is highlighted, never change it, even if new data is loaded.
There are some optional features that make sense in certain kinds of autocompletion and not others. I’m sure there are more correct names for these features than what I listed.
\* Show options I’ve used before when I focus the field but haven’t entered anything yet.
\* Autocompletion to the nearest ambiguous prefix. If I type “g” and that matches both “Google” and “GoodReads”, this operation would fill in the two “o”s, allowing me to then type either “g” or “d” to select the option I want.
\* Multipart matching. This is useful for autocompleting file paths, where I might enter “e/b/a” to autocomplete “env/bin/activate”. ZSH does this well.
\* Recursive matching. Since autocompletion sometimes serves dual purpose as a quick way to browse options, sometimes you want to start with a broad filter and then search within those results. For example, if I enter “.pdf” to see all pdf files, I can then hit some key (perhaps comma) to start searching within those results, even though what I am now typing actually appears in the name before what I typed previously.
\* Spelling correction. This tends to be useful in search engines.
\* Aliases. When trying to autocomplete a username, the person’s first/last name could be allowed to autocomplete to their username. The same goes for state abbreviations suggesting the full state.
\* Additional information in the results. If you are autocompleting function names, it is nice to see a list of the arguments they take.
\* Context-aware suggestions. This is useful when autocompleting code or a word (usually on a mobile phone) where the context is very predictive of what the desired result is likely to be.
\* Make it possible to go back to what I’ve typed after accepting an autocomplete suggestion. (The up arrow key tends to be a nice way to allow this.)
HackerNewsBot debug: Calculated post rank: 101 - Loop: 71 - Rank min: 100 - Author rank: 57

KDE Connect removed from Google Play store for violating new policy on SMS

“KDE Connect has been removed from @GooglePlay for violating their new policy on apps that access SMS [1]. The policy has an explicit exception for companion apps (like KDE Connect), but it was…
Article word count: 590

HN Discussion: https://news.ycombinator.com/item?id=19429193
Posted by coolgoose (karma: 115)
Post stats: Points: 161 - Comments: 52 - 2019-03-19T09:09:29Z

\#HackerNews #connect #for #from #google #kde #new #play #policy #removed #sms #store #violating

---

Article content:



[1] [IMG][2]Albert Vaca Cintora‏ @albertvaka [3]3h3 hours ago
\* 
\* 
KDE Connect has been removed from [4]@GooglePlay for violating their new policy on apps that access SMS [1]. The policy has an explicit exception for companion apps (like KDE Connect), but it was removed anyway and thereʼs no way to talk to Google. 1/N [1][5]https://support.google.com/googleplay/android-developer/answer/9047303 …

[6] [IMG][7]Albert Vaca Cintora‏ @albertvaka [8]3h3 hours ago
\* 
\* 
Google only provides one-way forms to contact them. Iʼve filled the forms regarding this policy change (including one they sent to existing apps before the policy was effective) but never got an explanation to why KDE Connect doesnʼt qualify as a companion app. 2/N

Show this thread
[9] [IMG][10]Albert Vaca Cintora‏ @albertvaka [11]3h3 hours ago
\* 
\* 
There is simply no way to talk to a human being at [12]@Google. I bet this saves a lot in customer support. 3/N

Show this thread
[13] [IMG][14]Albert Vaca Cintora‏ @albertvaka [15]3h3 hours ago
\* 
\* 
Iʼm about to upload a version of KDE Connect to the Play Store with the SMS functionality removed. Those who want the full app, can still download it from F-Droid: [16]https://f-droid.org/packages/org.kde.kdeconnect_tp/ … Thanks [17]@fdroidorg! 4/N

Show this thread
[18] [IMG][19]Albert Vaca Cintora‏ @albertvaka [20]3h3 hours ago
\* 
\* 
To make things better, the [21]@GooglePlay console gives me an internal error, so I canʼt upload the version without SMS support. Meanwhile, new users canʼt download KDE Connect. [22]👏 Good job Google.[23]pic.twitter.com/Cy8D1CsOJH

Show this thread
[24] [IMG][25]Gürkan 🇪🇺�’‏ @gurkanfalan [26]2h2 hours ago
\* 
\* 
Replying to [27]@albertvaka [28]@GooglePlay

Thanks google for constantly reminding me that I should free myself from it.

[29] [IMG][30]Alfie Day‏ @Azelphur [31]2h2 hours ago
\* 
\* 
Replying to [32]@albertvaka [33]@GooglePlay

Good thing I was already using [34]@fdroidorg. [35]@GooglePlay needs sort this silliness out.

[36] [IMG][37]Andrei Costin Balaianu‏ @ABalaianu [38]3h3 hours ago
\* 
\* 
Replying to [39]@albertvaka [40]@GooglePlay

This is so Google (and Apple, and Facebook and...wait...I donʼt have enough characters available for this list)

[41] [IMG][42]Chris Hills‏ @chaz_6 [43]36m36 minutes ago
\* 
\* 
Replying to [44]@albertvaka [45]@GooglePlay

It would be useful if the *.apk files were available at [46]https://github.com/KDE/kdeconnect-android/releases/ … for direct installation in the meantime

[47] [IMG][48]mase‏ @mase_nocturnal [49]1h1 hour ago
\* 
\* 
Replying to [50]@albertvaka [51]@GooglePlay

Thankfully it is still on [52]@fdroidorg

[53] [IMG][54]Giuseppe Pignataro‏ @fastbyte01 [55]2h2 hours ago
\* 
\* 
Replying to [56]@albertvaka [57]@kubuntu [58]@GooglePlay

The Google support for developers publishing on [59]@GooglePlay is really worst. [60]@Android is the first mobile OS thanks for the support of all the developers that create apps for it and they arenʼt able to give us a decent support.

[61] [IMG][62]Carlos Soriano‏ @csoriano1618 [63]53m53 minutes ago
\* 
\* 
Replying to [64]@albertvaka [65]@GooglePlay

Recently we had some issues too with Google API policies at GNOME... itʼs not being easy to work effectively with them [66]😔

[67] [IMG][68]Carlos Soriano‏ @csoriano1618 [69]51m51 minutes ago
\* 
\* 
Replying to [70]@csoriano1618 [71]@albertvaka [72]@GooglePlay

This is like all big companies though, we had a good experience with other departments like GSoc or so.

[73] [IMG][74]RAMY‏ @RamySami [75]2m2 minutes ago
\* 
\* 
Replying to [76]@albertvaka [77]@GooglePlay

Epic was right not to put Fortnite on Google play

[78] [IMG][79]RTheren‏ @r_theren [80]4m4 minutes ago
\* 
\* 
Replying to [81]@albertvaka [82]@GooglePlay

I use the version fro F-Droid anyway. This really sucks, like a lot.

[83] [IMG][84]Chris Hills‏ @chaz_6 [85]38m38 minutes ago
\* 
\* 
Replying to [86]@albertvaka [87]@GooglePlay

Perhaps this could be pursued under antitrust laws? They must be able to be held to account.

[88] [IMG][89]Anthony Maurin‏ @spartanz51 [90]54m54 minutes ago
\* 
\* 
Replying to [91]@albertvaka [92]@Alex193a [93]@GooglePlay

@GooglePlay please fix that

[94] [IMG][95]Emrah Urhan‏ @raxetul [96]1h1 hour ago
\* 
\* 
Replying to [97]@albertvaka [98]@sinanonur [99]@GooglePlay

[100]😡

[101] [IMG][102]Vladymyr L‏ @Vladymyr_L [103]2h2 hours ago
\* 
\* 
Replying to [104]@albertvaka [105]@GooglePlay

I think the worst thing that could do Google for his customer is to leave them without the best program without any real reason just for some dumb policy.

References

Visible links
1. https://twitter.com/albertvaka
2. https://twitter.com/albertvaka
3. https://twitter.com/albertvaka/status/1107924633750253568
4. https://twitter.com/GooglePlay
5. https://t.co/WDXEqTUhHl
6. https://twitter.com/albertvaka
7. https://twitter.com/albertvaka
8. https://twitter.com/albertvaka/status/1107924634823987200
9. https://twitter.com/albertvaka
10. https://twitter.com/albertvaka
11. https://twitter.com/albertvaka/status/1107924635818098689
12. https://twitter.com/Google
13. https://twitter.com/albertvaka
14. https://twitter.com/albertvaka
15. https://twitter.com/albertvaka/status/1107924636799504384
16. https://t.co/vsudDrzzgS
17. https://twitter.com/fdroidorg
18. https://twitter.com/albertvaka
19. https://twitter.com/albertvaka
20. https://twitter.com/albertvaka/status/1107924637927772160
21. https://twitter.com/GooglePlay
23. https://t.co/Cy8D1CsOJH
24. https://twitter.com/gurkanfalan
25. https://twitter.com/gurkanfalan
26. https://twitter.com/gurkanfalan/status/1107944301487706112
27. https://twitter.com/albertvaka
28. https://twitter.com/GooglePlay
29. https://twitter.com/Azelphur
30. https://twitter.com/Azelphur
31. https://twitter.com/Azelphur/status/1107942514982555648
32. https://twitter.com/albertvaka
33. https://twitter.com/GooglePlay
34. https://twitter.com/fdroidorg
35. https://twitter.com/GooglePlay
36. https://twitter.com/ABalaianu
37. https://twitter.com/ABalaianu
38. https://twitter.com/ABalaianu/status/1107933048375595010
39. https://twitter.com/albertvaka
40. https://twitter.com/GooglePlay
41. https://twitter.com/chaz_6
42. https://twitter.com/chaz_6
43. https://twitter.com/chaz_6/status/1107965389470879745
44. https://twitter.com/albertvaka
45. https://twitter.com/GooglePlay
46. https://t.co/xDeIT4JimH
47. https://twitter.com/mase_nocturnal
48. https://twitter.com/mase_nocturnal
49. https://twitter.com/mase_nocturnal/status/1107955556042473474
50. https://twitter.com/albertvaka
51. https://twitter.com/GooglePlay
52. https://twitter.com/fdroidorg
53. https://twitter.com/fastbyte01
54. https://twitter.com/fastbyte01
55. https://twitter.com/fastbyte01/status/1107951448304898048
56. https://twitter.com/albertvaka
57. https://twitter.com/kubuntu
58. https://twitter.com/GooglePlay
59. https://twitter.com/GooglePlay
60. https://twitter.com/Android
61. https://twitter.com/csoriano1618
62. https://twitter.com/csoriano1618
63. https://twitter.com/csoriano1618/status/1107961030204899328
64. https://twitter.com/albertvaka
65. https://twitter.com/GooglePlay
67. https://twitter.com/csoriano1618
68. https://twitter.com/csoriano1618
69. https://twitter.com/csoriano1618/status/1107961542547517441
70. https://twitter.com/csoriano1618
71. https://twitter.com/albertvaka
72. https://twitter.com/GooglePlay
73. https://twitter.com/RamySami
74. https://twitter.com/RamySami
75. https://twitter.com/RamySami/status/1107973938615906307
76. https://twitter.com/albertvaka
77. https://twitter.com/GooglePlay
78. https://twitter.com/r_theren
79. https://twitter.com/r_theren
80. https://twitter.com/r_theren/status/1107973513917411328
81. https://twitter.com/albertvaka
82. https://twitter.com/GooglePlay
83. https://twitter.com/chaz_6
84. https://twitter.com/chaz_6
85. https://twitter.com/chaz_6/status/1107964950243393541
86. https://twitter.com/albertvaka
87. https://twitter.com/GooglePlay
88. https://twitter.com/spartanz51
89. https://twitter.com/spartanz51
90. https://twitter.com/spartanz51/status/1107960807386685445
91. https://twitter.com/albertvaka
92. https://twitter.com/Alex193a
93. https://twitter.com/GooglePlay
94. https://twitter.com/raxetul
95. https://twitter.com/raxetul
96. https://twitter.com/raxetul/status/1107958422920720385
97. https://twitter.com/albertvaka
98. https://twitter.com/sinanonur
99. https://twitter.com/GooglePlay
101. https://twitter.com/Vladymyr_L
102. https://twitter.com/Vladymyr_L
103. https://twitter.com/Vladymyr_L/status/1107948467480154112
104. https://twitter.com/albertvaka
105. https://twitter.com/GooglePlay

HackerNewsBot debug: Calculated post rank: 124 - Loop: 108 - Rank min: 100 - Author rank: 82

Nvidia's $99 Jetson Nano Is an AI Computer for DIY Enthusiasts

NVIDIA has unveiled a $99 computer that brings AI hardware to the homebrew crowd.
Article word count: 100

HN Discussion: https://news.ycombinator.com/item?id=19426062
Posted by plasticchris (karma: 553)
Post stats: Points: 131 - Comments: 39 - 2019-03-18T22:36:28Z

\#HackerNews #computer #diy #enthusiasts #for #jetson #nano #nvidias

---

Article content:

The kit can run Linux out of the box, and supports a raft of AI frameworks (including, of course, NVIDIAʼs own). It comes equipped with 4GB of RAM, gigabit Ethernet and the I/O youʼd need for cameras and other attachments.

Price, unsurprisingly, is the main hook. While the Nano isnʼt nearly as powerful as [1]higher-end Jetson models, itʼs available now at $99 for individuals and $129 for "production-ready" units destined for companies. That puts it within range of hobbyists, inventors and students who are willing to spend a bit more (but only a bit more) to create their own automated devices.

References

Visible links
1. https://www.engadget.com/2018/12/12/nvidia-jetson-agx-xavier-robot-processor-available/

HackerNewsBot debug: Calculated post rank: 100 - Loop: 129 - Rank min: 100 - Author rank: 32

New Tools for Detecting HTTPS Interception

The practice of HTTPS interception continues to be commonplace on the Internet. This blog post discusses types of monster-in-the-middle devices and software, and how to detect them.
Article word count: 2306

HN Discussion: https://news.ycombinator.com/item?id=19423470
Posted by grittygrease (karma: 253)
Post stats: Points: 156 - Comments: 55 - 2019-03-18T18:08:10Z

\#HackerNews #detecting #for #https #interception #new #tools

---

Article content:




The practice of HTTPS interception continues to be commonplace on the Internet. HTTPS interception has encountered scrutiny, most notably in the 2017 study “[1]The Security Impact of HTTPS Interception” and the United States Computer Emergency Readiness Team (US-CERT) [2]warning that the technique weakens security. In this blog post, we provide a brief recap of HTTPS interception and introduce two new tools:

1. [3]MITMEngine, an open-source library for HTTPS interception detection, and
2. [4]MALCOLM, a dashboard displaying metrics about HTTPS interception we observe on Cloudflare’s network.

In a basic HTTPS connection, a browser (client) establishes a TLS connection directly to an origin server to send requests and download content. However, many connections on the Internet are not directly from a browser to the server serving the website, but instead traverse through some type of proxy or middlebox (a “monster-in-the-middle” or MITM). There are many reasons for this behavior, both malicious and benign.

Types of HTTPS Interception, as Demonstrated by Various Monsters in the Middle

One common HTTPS interceptor is TLS-terminating forward proxies. (These are a subset of all forward proxies; non-TLS-terminating forward proxies forward TLS connections without any ability to inspect encrypted traffic). A TLS-terminating forward proxy sits in front of a client in a TLS connection, transparently forwarding and possibly modifying traffic from the browser to the destination server. To do this, the proxy must terminate the TLS connection from the client, and then (hopefully) re-encrypt and forward the payload to the destination server over a new TLS connection. To allow the connection to be intercepted without a browser certificate warning appearing at the client, forward proxies often require users to install a root certificate on their machine so that the proxy can generate and present a trusted certificate for the destination to the browser. These root certificates are often installed for corporate managed devices, done by network administrators without user intervention.
Antivirus and Corporate Proxies
Some legitimate reasons for a client to connect through a forward proxy would be to allow antivirus software or a corporate proxy to inspect otherwise encrypted data entering and leaving a local network in order to detect inappropriate content, malware, and data breaches. The Blue Coat data loss prevention tools offered by Symantec are one example. In this case, HTTPS interception occurs to check if an employee is leaking sensitive information before sending the request to the intended destination.
Malware Proxies
Malicious forward proxies, however, might insert advertisements into web pages or exfiltrate private user information. Malware like [5]Superfish insert targeted ads into encrypted traffic, which requires intercepting HTTPS traffic and modifying the content in the response given to a client.
Leaky Proxies
Any TLS-terminating forward proxy--whether it’s well-intentioned or not--also risks exposing private information and opens the door to spoofing. When a proxy root certificate is installed, Internet browsers lose the ability to validate the connection end-to-end, and must trust the proxy to maintain the security of the connection to ensure that sensitive data is protected. Some proxies re-encrypt and forward traffic to destinations using less secure TLS parameters.

Proxies can also require the installation of vendor root certificates that can be easily abused by other malicious parties. In November 2018, a type of Sennheiser wireless headphones required the user to install a [6]root certificate which used insecure parameters. This root certificate could allow any adversary to impersonate websites and send spoofed responses to machines with this certificate, as well as observe otherwise encrypted data.

TLS-terminating forward proxies could even trust root certificates considered insecure, like Symantec’s CA. If poorly implemented, any TLS-terminating forward proxy can become a widespread attack vector, leaking private information or allowing for response spoofing.
Reverse Proxies
Reverse proxies also sit between users and origin servers. Reverse proxies (such as Cloudflare and Akamai) act on behalf of origin servers, caching static data to improve the speed of content delivery and offering security services such as DDoS mitigation. Critically, reverse proxies do not require special root certificates to be installed on user devices, since browsers establish connections directly to the reverse proxy to download content that is hosted at the origin server. Reverse proxies are often used by origin servers to improve the security of client HTTPS connections (for example, by enforcing strict security policies and using the [7]newest security protocols like TLS 1.3). In this case, reverse proxies are intermediaries that provide better performance and security to TLS connections.

Why Continue Examining HTTPS Interception?

[8]In a previous blog post, we argued that HTTPS interception is prevalent on the Internet and that it often degrades the security of Internet connections. A server that refuses to negotiate weak cryptographic parameters should be safe from many of the risks of degraded connection security, but there are plenty of reasons why a server operator may want to know if HTTPS traffic from its clients has been intercepted.

First, detecting HTTPS interception can help a server to identify suspicious or potentially vulnerable clients connecting to its network. A server can use this knowledge to notify legitimate users that their connection security might be degraded or compromised. HTTPS interception also increases the attack surface area of the system, and presents an attractive target for attackers to gain access to sensitive connection data.

Second, the presence of content inspection systems can not only weaken the security of TLS connections, but it can hinder the [9]adoption of new innovations and improvements to TLS. Users connecting through older middleboxes may have their connections downgraded to older versions of TLS the middleboxes still support, and may not receive the security, privacy, and performance benefits of new TLS versions, even if newer versions are supported by both the browser and the server.

Introducing MITMEngine: Cloudflare’s HTTPS Interception Detector

Many TLS client implementations can be uniquely identified by features of the Client Hello message such as the supported version, cipher suites, extensions, elliptic curves, point formats, compression, and signature algorithms. The technique introduced by “[10]The Security Impact of HTTPS Interception” is to construct TLS Client Hello signatures for common browser and middlebox implementations. Then, to identify HTTPS requests that have been intercepted, a server can look up the signature corresponding to the request’s HTTP User Agent, and check if the request’s Client Hello message matches the signature. A mismatch indicates either a spoofed User Agent or an intercepted HTTPS connection. The server can also compare the request’s Client Hello to those of known HTTPS interception tools to understand which interceptors are responsible for intercepting the traffic.

The [11]Caddy Server MITM Detection tool is based on these heuristics and implements support for a limited set of browser versions. However, we wanted a tool that could be easily applied to the broad set of TLS implementations that Cloudflare supports, with the following goals:
\* Maintainability: It should be easy to add support for new browsers and to update existing browser signatures when browser updates are released.
\* Flexibility: Signatures should be able to capture a wide variety of TLS client behavior without being overly broad. For example, signatures should be able to account for the [12]GREASE values sent in modern versions of Chrome.
\* Performance: Per-request MITM detection should be cheap so that the system can be deployed at scale.
To accomplish these goals, the Cryptography team at Cloudflare developed [13]MITMEngine, an open-source HTTPS interception detector. MITMEngine is a Golang library that ingests User Agents and TLS Client Hello fingerprints, then returns the likelihood of HTTPS interception and the factors used to identify interception. To learn how to use MITMEngine, check out the project on GitHub.

MITMEngine works by comparing the values in an observed TLS Client Hello to a set of known browser Client Hellos. The fields compared include:
\* TLS version,
\* Cipher suites,
\* Extensions and their values,
\* Supported elliptic curve groups, and
\* Elliptic curve point formats.
When given a pair of User Agent and observed TLS Client Hello, MITMEngine detects differences between the given Client Hello and the one expected for the presented User Agent. For example, consider the following User Agent:

Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/47.0.2526.111 Safari/537.36

This User Agent corresponds to Chrome 47 running on Windows 7. The paired TLS Client Hello includes the following cipher suites, displayed below as a hex dump:

0000 c0 2b c0 2f 00 9e c0 0a c0 14 00 39 c0 09 c0 13 .+./.... ...9....
0010 00 33 00 9c 00 35 00 2f 00 0a .3...5./ ..

These cipher suites translate to the following list (and order) of 13 ciphers:

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)

The reference TLS Client Hello cipher suites for Chrome 47 are the following:

0000 c0 2b c0 2f 00 9e cc 14 cc 13 c0 0a c0 14 00 39 .+./.... .......9
0010 c0 09 c0 13 00 33 00 9c 00 35 00 2f 00 0a .....3.. .5./..

Looking closely, we see that the cipher suite list for the observed traffic is shorter than we expect for Chrome 47; two cipher suites have been removed, though the remaining cipher suites remain in the same order. The two missing cipher suites are

TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc14)
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (0xcc13)

Chrome prioritizes these two ChaCha ciphers above AES-CBC ciphers--a good choice, given that [14]CBC (cipher block chaining) mode is vulnerable to padding oracle attacks. It looks like the traffic we received underwent HTTPS interception, and the interceptor potentially didnʼt support ChaCha ciphers.

Using contextual clues like the used cipher suites, as well as additional User Agent text, we can also detect which software was used to intercept the HTTPS connection. In this case, MITMEngine recognizes that the fingerprint observed actually matches a fingerprint collected from Sophos antivirus software, and indicates that this software is likely the cause of this interception.

We welcome contributions to MITMEngine. We are particularly interested in collecting more fingerprints of MITM software and browser TLS Client Hellos, because MITMEngine depends on these reference fingerprints to detect HTTPS interception. Contributing these fingerprints is as simple as opening [15]Wireshark, capturing a pcap file with a TLS Client Hello, and submitting the pcap file in a PR. More instructions on how to contribute can be found in the [16]MITMEngine documentation.

Observing HTTPS Interception on Cloudflare’s Network with MALCOLM

To complement MITMEngine, we also built a dashboard, [17]MALCOLM, to apply MITMEngine to a sample of Cloudflare’s overall traffic and observe HTTPS interception in the requests hitting our network. Recent MALCOLM data incorporates a fresh set of reference TLS Client Hellos, so readers will notice that percentage of "unknown" instances of HTTPS interception has decreased from Feburary 2019 to March 2019.

In this section of this blog post, we compare HTTPS interception statistics from MALCOLM to the 2017 study “[18]The Security Impact of HTTPS Interception”. With this data, we can see the changes in HTTPS interception patterns observed by Cloudflare over the past two years.

Using MALCOLM, let’s see how HTTPS connections have been intercepted as of late. This MALCOLM data was collected between March 12 and March 13, 2019.

The 2017 study found that 10.9% of Cloudflare-bound TLS Client Hellos had been intercepted. MALCOLM shows that the number of interceptions has increased by a substantial amount, to 18.6%:

This result, however, is likely inflated compared to the results of the 2017 study. The 2017 study considered all traffic that went through Cloudflare, regardless of whether it had a recognizable User Agent or not. MALCOLM only considers results with recognizable User Agents that could be identified by [19]uasurfer, a Golang library for parsing User Agent strings. Indeed, when we don’t screen out TLS Client Hellos with unidentified User Agents, we see that 11.3% of requests are considered intercepted--an increase of 0.4%. Overall, the prevalence of HTTPS interception activity does not seem to have changed much over the past two years.

Next, we examine the prevalence of HTTPS interception by browser and operating system. The paper presented the following table. We’re interested in finding the most popular browsers and most frequently intercepted browsers.

MALCOLM yields the following statistics for all traffic by browsers. MALCOLM presents mobile and desktop browsers as a single item. This can be broken into separate views for desktop and mobile using the filters on the dashboard.

Chrome usage has expanded substantially since 2017, while usage of Safari, IE, and Firefox has fallen somewhat (here, IE includes Edge). Examining the most frequently intercepted browsers, we see the following results:

We see above that Chrome again accounts for a larger percentage of intercepted traffic, likely given growth in Chrome’s general popularity. As a result, HTTPS interception rates for other browsers, like Internet Explorer, have fallen as IE is less frequently used. MALCOLM also highlights the prevalence of other browsers that have their traffic intercepted--namely, UCBrowser, a browser common in China.

Now, we examine the most common operating systems observed in Cloudflare’s traffic:

Android use has clearly increased over the past two years as smartphones become peoples’ primary device for accessing the Internet. Windows also remains a common operating system.

As Android becomes more popular, the likelihood of HTTPS interception occurring on Android devices also has increased substantially:

Since 2017, Android devices have overtaken those of Windows as the most intercepted.

As more of the world’s Internet consumption occurs through mobile devices, it’s important to acknowledge that simply changing platforms and browsers has not impacted the prevalence of HTTPS interception.

Conclusion

Using MITMEngine and MALCOLM, we’ve been able to continuously track the state of HTTPS interception on over 10% of Internet traffic. It’s imperative that we track the status of HTTPS interception to give us foresight when deploying new security measures and detecting breaking changes in security protocols. Tracking HTTPS interception also helps us contribute to our broader mission of “helping to build a better Internet” by keeping tabs on software that possibly weakens good security practices.

Interested in exploring more HTTPS interception data? Here are a couple of next steps:

1. Check out [20]MALCOLM, click on a couple of percentage bars to apply filters, and share any interesting HTTPS interception patterns you see!
2. Experiment with [21]MITMEngine today, and see if TLS connections to your website have been impacted by HTTPS interception.
3. Contribute to MITMEngine!

References

Visible links
1. https://jhalderm.com/pub/papers/interception-ndss17.pdf
2. https://www.us-cert.gov/ncas/alerts/TA17-075A
3. https://github.com/cloudflare/mitmengine
4. https://malcolm.cloudflare.com/
5. https://www.us-cert.gov/ncas/alerts/TA15-051A
6. https://arstechnica.com/information-technology/2018/11/sennheiser-discloses-monumental-blunder-that-cripples-https-on-pcs-and-macs/
7. https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/
8. https://blog.cloudflare.com/understanding-the-prevalence-of-web-traffic-interception/
9. https://blog.cloudflare.com/why-tls-1-3-isnt-in-browsers-yet/
10. https://jhalderm.com/pub/papers/interception-ndss17.pdf
11. https://caddyserver.com/docs/mitm-detection
12. https://tools.ietf.org/html/draft-davidben-tls-grease-01
13. https://github.com/cloudflare/mitmengine
14. https://blog.cloudflare.com/padding-oracles-and-the-decline-of-cbc-mode-ciphersuites/
15. https://www.wireshark.org/
16. https://github.com/cloudflare/mitmengine
17. https://malcolm.cloudflare.com/
18. https://jhalderm.com/pub/papers/interception-ndss17.pdf
19. https://github.com/avct/uasurfer
20. https://malcolm.cloudflare.com/
21. https://github.com/cloudflare/mitmengine

HackerNewsBot debug: Calculated post rank: 122 - Loop: 365 - Rank min: 100 - Author rank: 76

Air-breathing rocket engine set for key tests

Important tests lie ahead for the engine concept that could take a plane from London to Sydney in about four hours.
Article word count: 674

HN Discussion: https://news.ycombinator.com/item?id=19419279
Posted by sambeau (karma: 6523)
Post stats: Points: 93 - Comments: 60 - 2019-03-18T07:38:14Z

\#HackerNews #air-breathing #engine #for #key #rocket #set #tests

---

Article content:




By Jonathan Amos BBC Science Correspondent

[1]Artwork Image copyright Reaction Engines LTD Image caption Artwork: Sabre could enable intercontinental travel at five times the speed of sound

The UK project to develop a hypersonic engine that could take a plane from London to Sydney in about four hours is set for a key demonstration.

The Sabre engine is part jet, part rocket, and relies on a novel pre-cooler heat-exchanger technology.

This pre-cooler system will begin a new phase of testing in the next month or so in Colorado, US.

Meanwhile, the core part of the engine has just gone through its preliminary design review.

Signed off by experts at the European Space Agency, the review sets the stage for this central section of Sabre to begin its own demonstration campaign at Wescott Space Cluster in Buckinghamshire next year.

Image copyright Reaction Engines LTD
Image caption Artwork: Space planes based on Sabre ought to be fully reusable and cheaper to operate

The company behind the project, Reaction Engines Ltd (REL), says it is making good progress.

Not only would Sabre power units enable rapid, point-to-point transport inside the atmosphere, but they would also allow reusable vehicles to make the jump straight to orbit without the need for multiple propellant stages - as is the case now with conventional rockets.

Sabre would work like an air-breathing jet engine from standstill to about Mach 5.5 (5.5 times the speed of sound) and then transition to a rocket mode at high altitude, going at 25 times the speed of sound to get into space, if this is the chosen destination.

Image copyright Reaction Engines LTD
Image caption The European Space Agency is auditing the technical development of Sabre

Achieving this flight profile is a challenge in managing temperature extremes.

The essential innovations include a compact pre-cooler heat-exchanger that can take an incoming airstream in the region of 1,000C and cool it to -150C in less than 1/100th of a second.

[2]REL proved the pre-coolerʼs efficiency at taking an ambient air stream to low temperature in 2012. Now it must do the same in a very high-temperature regime. This is the purpose of the Colorado tests.

"To have a very high-temperature, high-volume flow of air to test the pre-cooler - we needed a new facility. That is now complete," explains Shaun Driscoll, RELʼs programmes director

"We will be running tests in the next month or two. We will be using re-heated aero engines to drive air through the system. We will drive air into the pre-cooler at up to 1,000C."

Image copyright Reaction Engines LTD
Image caption Sabre would burn hydrogen in the oxygen it scoops from the air

Sabre, at a fundamental level, can be divided into three sections - the pre-cooler front-end; a core combustion section with a smart thermodynamic cycle to again manage heat and fluid flow; and a relatively conventional rocket arrangement at the rear.

Itʼs the core section that is having a new test facility built for it at the Wescott space park, the site of Britainʼs post-war Rocket Propulsion Establishment.

Image copyright Reaction Engines LTD
Image caption New building: On the site of Britainʼs post-war Rocket Propulsion Establishment

The building is nearing the end of its preparation and the design work on the core of Sabre is also moving towards its conclusion.

"The core can be tested on the ground, but itʼs the core that gets you air-breathing from the ground up to the edge of space, at which point there is no more oxygen to breathe and the system transitions to the pure rocket mode," Mr Driscoll said.

REL is a private venture with the backing of aerospace giants BAe Systems, [3]Rolls-Royce and Boeing. It has also received [4]significant R&D support from the UK government. Esaʼs propulsion specialists act as technical auditors, assessing each step in the development of the Sabre concept.

"The positive conclusion of our Preliminary Design Review marks a major milestone in Sabre development," commented Esaʼs Mark Ford.

"It confirms the test version of this revolutionary new class of engine is ready for implementation."

[5]Jonathan.Amos-INTERNET@bbc.co.uk and follow me on Twitter: [6]@BBCAmos

References

Visible links
2. https://www.bbc.co.uk/news/science-environment-20510112
3. https://www.bbc.co.uk/news/science-environment-43732035
4. https://www.bbc.co.uk/news/science-environment-36773074
5. mailto:Jonathan.Amos-INTERNET@bbc.co.uk
6. https://twitter.com/#!/BBCAmos

HackerNewsBot debug: Calculated post rank: 82 - Loop: 150 - Rank min: 80 - Author rank: 43

WhatsApp co-founder accuses Facebook of trading privacy for revenue

WhatsApp co-founder Brian Acton told students to reject Facebook by deleting their apps from their phones in an address at Stanford University in California on Wednesday.
Article word count: 623

HN Discussion: https://news.ycombinator.com/item?id=19406656
Posted by uladzislau (karma: 9376)
Post stats: Points: 87 - Comments: 51 - 2019-03-16T06:35:13Z

\#HackerNews #accuses #co-founder #facebook #for #privacy #revenue #trading #whatsapp

---

Article content:



December 2018: Facebook comes under fire after a bombshell report discovered the firm allowed over 150 companies, including Netflix, Spotify and Bing, to access unprecedented amounts of user data, such as private messages.

Some of these ʼpartnersʼ had the ability to read, write, and delete Facebook usersʼ private messages and to see all participants on a thread.

It also allowed Microsoftʼs search engine, known as Bing, to see the name of all Facebook usersʼ friends without their consent.

Amazon was allowed to obtain usersʼ names and contact information through their friends, and Yahoo could view streams of friendsʼ posts.

As of last year, Sony, Microsoft, and Amazon could all obtain usersʼ email addresses through their friends.

September 2018: Facebook disclosed that it had been hit by its worst ever data breach, affecting 50 million users - including those of Facebook boss Mark Zuckerberg and COO Sheryl Sandberg.

Attackers exploited the siteʼs ʼView Asʼ feature, which lets people see what their profiles look like to other users.

Facebook says it has found no evidence ʼso farʼ that hackers broke into third-party apps after a data breach exposed 50 million users (stock image)

The unknown attackers took advantage of a feature in the code called ʼAccess Tokens,ʼ to take over peopleʼs accounts, potentially giving hackers access to private messages, photos and posts - although Facebook said there was no evidence that had been done.

The hackers also tried to harvest peopleʼs private information, including name, sex and hometown, from Facebookʼs systems.

Facebook said it doesnʼt yet know if information from the affected accounts has been misused or accessed, and is working with the FBI to conduct further investigations.

However, Mark Zuckerberg assured users that passwords and credit card information was not accessed.

As a result of the breach, the firm logged roughly 90 million people out of their accounts earlier today as a security measure.

March 2018: Facebook made headlines earlier this year after the data of 87 million users was improperly accessed by Cambridge Analytica, a political consultancy.

The disclosure has prompted government inquiries into the companyʼs privacy practices across the world, and fueled a ʼ#deleteFacebookʼ movement among consumers.

Communications firm Cambridge Analytica had offices in London, New York, Washington, as well as Brazil and Malaysia.

The company boasts it can ʼfind your voters and move them to actionʼ through data-driven campaigns and a team that includes data scientists and behavioural psychologists.

ʼWithin the United States alone, we have played a pivotal role in winning presidential races as well as congressional and state elections,ʼ with data on more than 230 million American voters, Cambridge Analytica claims on its website.

The company profited from a feature that meant apps could ask for permission to access your own data as well as the data of all your Facebook friends.

The data firm suspended its chief executive, Alexander Nix (pictured), after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump

This meant the company was able to mine the information of 87 million Facebook users even though just 270,000 people gave them permission to do so.

This was designed to help them create software that can predict and influence votersʼ choices at the ballot box.

The data firm suspended its chief executive, Alexander Nix, after recordings emerged of him making a series of controversial claims, including boasts that Cambridge Analytica had a pivotal role in the election of Donald Trump.

This information is said to have been used to help the Brexit campaign in the UK.

It has also suffered several previous issues.

In 2013, Facebook disclosed a software flaw that exposed 6 million usersʼ phone numbers and email addresses to unauthorized viewers for a year, while a technical glitch in 2008 revealed confidential birth-dates on 80 million Facebook usersʼ profiles.

HackerNewsBot debug: Calculated post rank: 75 - Loop: 132 - Rank min: 60 - Author rank: 65

Why entrepreneurs are leaving the Bay Area for their next startup

Silicon Valley rents are soaring and talent is increasingly available elsewhere.
Article word count: 69

HN Discussion: https://news.ycombinator.com/item?id=19402844
Posted by rafaelc (karma: 7909)
Post stats: Points: 118 - Comments: 94 - 2019-03-15T18:42:17Z

\#HackerNews #are #area #bay #entrepreneurs #for #leaving #next #startup #the #their #why

---

Article content:




In launching their next startups, a growing number of founders are choosing to forego the San Francisco Bay Area and its sky-high rents and intense competition for engineering talent. Instead, they are setting up shop in places like Austin, Seattle and even New Mexico.

Why it matters: As technology becomes a growing part of the economy, Silicon Valley canʼt — and probably shouldnʼt be — home to most new startups.

HackerNewsBot debug: Calculated post rank: 110 - Loop: 162 - Rank min: 100 - Author rank: 87

Easy to Remember Color Guide for Non-Designers

NOTE: I'm not a designer. This is what i've self-learnt over the years because i couldn't afford good designers. I don't know if this is scientific. This works for me. I hope it works for you.I think…
Article word count: 357

HN Discussion: https://news.ycombinator.com/item?id=19400870
Posted by ililla (karma: 71)
Post stats: Points: 158 - Comments: 26 - 2019-03-15T16:01:06Z

\#HackerNews #color #easy #for #guide #non-designers #remember

---

Article content:




NOTE: Iʼm not a designer. This is what iʼve self-learnt over the years because i couldnʼt afford good designers. I donʼt know if this is scientific. This works for me. I hope it works for you.

I think you already know that a color is represented by a [1]6 digit code (hex code) containing any permutation of the the six alphabets a,b,c,d,e,f and the nine numbers, 1,2,3,4,5,6,7,8,9. The hex codes i use and describe here are the ones i chanced upon over the years. They are easy to remember and i donʼt need to keep referring to any color picker tool.

For any app, you will need colors for ...

1.
2.
3. Backgrounds, Boxes, Lines

Remember VIBGYOR (Violet, Indigo, Blue, Green, Yellow, Orange, Red) from school days? You can generate a nice VIBGYOR palette using a permutation of just four codes c, f, 6, 9 ... like so ...

Violet, Indigo, Blue, Green // colorhunt.co/palette/143721

Yellow, Orange, Another Orange, Red // colorhunt.co/palette/143722

The colors above are the softer side of their darker variants. The darker colors (for example the darkest red is ff000) are harsh on the eyes and are best avoided.

Prefer soft pastel colors instead? Just remember a,b,c,d,e,f. Using a permutation of these six codes (abcdef, bafedc, etc.) you can generate many soft pastel colors ... like below ...

Just A-B-C-D-E-F // colorhunt.co/palette/143809

Text is usually dark (blacks). Here also i tend to avoid the darkest darks (full black is 000000). I like the colors below because they give me a nice dark blue tint. The codes are also easy to remember. 1a2a3a is darker and you can go all the way to 7a8a9a which is lighter.

Text Colors // colorhunt.co/palette/143727

These are usually grays (or ʼgreysʼ if you insist). Mostly used for backgrounds, table header or table row colors, lines, and, occasionally for text. These hex codes are the easiest to remember.

Grays // colorhunt.co/palette/143728

Thatʼs all there is. Once you get a hang of this it becomes easy to play around and arrive at colors that you like better than what are presented here. I recommend [2]https://colorhunt.co/.

V I B G : [3]https://colorhunt.co/palette/143721 Y O O R : [4]https://colorhunt.co/palette/143722 TEXT : [5]https://colorhunt.co/palette/143727 GREYS : [6]https://colorhunt.co/palette/143728 ABCDEF : [7]https://colorhunt.co/palette/143809​

​

​

References

Visible links
1. https://en.wikipedia.org/wiki/Web_colors
2. https://colorhunt.co/
3. https://colorhunt.co/palette/143721
4. https://colorhunt.co/palette/143722
5. https://colorhunt.co/palette/143727
6. https://colorhunt.co/palette/143728
7. https://colorhunt.co/palette/143809

HackerNewsBot debug: Calculated post rank: 114 - Loop: 224 - Rank min: 100 - Author rank: 355

CowToilet, a Toilet for Cows

CowToilet, the automatically and voluntary urinating system from Hanskamp as solution for ammonia reduction.
Article word count: 515

HN Discussion: https://news.ycombinator.com/item?id=19401970
Posted by Someone (karma: 14466)
Post stats: Points: 138 - Comments: 65 - 2019-03-15T17:26:20Z

\#HackerNews #cows #cowtoilet #for #toilet

---

Article content:




Hanskamp is developing a revolutionary system that will solve the ammonia problem in the dairy industry; the CowToilet. This innovative system is designed to collect a cowʼs urine. By ensuring that the urine stays separated from the manure, there is considerably less ammonia emission. The CowToilet deals with the ammonia problem at the source.

CowToilet, a toilet for cows
Hanskamp has been developing a toilet for cows, the CowToilet, since 2016. The CowToilet is an automatic urinal that cows use voluntarily. The innovation has been designed to collect the urine before it hits the floor. Cows have a nerve reflex that causes them to immediately urinate. With the CowToilet, Hanskamp has managed to automate this long-known technique to make a cow urinate. The CowToilet is placed against the cowʼs suspensory ligament and moves in unison with the cow. The technique locates the nerve. Once located, the nerve, which triggers the urinary reflex, is stimulated and the cow starts urinating. The urine is collected in the CowToilet container and is extracted through a suction line into a separate storage tank.

Noteworthy is that cows visit the CowToilet voluntarily. The visit to the toilet is combined with the receival of their daily portion of feed.

Economic advantages and benefits animal welfare
Because most of the urine is collected, an enormous reduction in ammonia emissions is achieved. This is good for both the environment and animal welfare; a healthier climate in the shed, for example. The CowToilet also offers economic advantages, as it saves on manure depositing costs and may even be an alternative to ammonia emission reducing floors. This system also offers great opportunities for new revenues. Pure urine can be used as a high-quality raw material in, for example, precision fertilisation. There are also ongoing developments in which urine is used to generate ʼyellowʼ power or as a source of hydrogen. The CowToilet by Hanskamp contributes to a sustainable and profitable future in dairy farming.

Ammonia problem
European agreements stipulate a reduction of ammonia emissions. Following this, national limits aimed to reduce emissions have been implemented. Approximately 90% of ammonia emissions come from agriculture, according to Wageningen University & Research (WUR). When manure and urine mix, ammonia is formed. If this is released into the air, it can precipitate in nature, causing large amounts of nitrogen to end up on the ground. Plants can only process up to a certain amount of nitrogen. The remaining amount acidifies the soil and affects the groundwater. High concentrations of ammonia are harmful to humans and animals. To limit ammonia emissions from the agricultural sector, dairy farmers have to pay high fees to meet ammonia emission and manure disposal requirements. Therefore, ammonia reduction is a high priority for many dairy farmers. The CowToilet by Hanskamp is a crucial solution in the field of ammonia reduction.

For pictures of the system and more details on the CowToilet go to: www.hanskamp.nl/en/cowtoilet. The first models are expected to be available from mid-2020. To stay up-to-date on this project and other developments at Hanskamp, make sure you sign up for our newsletter at [1]www.hanskamp.nl/en.

References

Visible links
1. http://www.hanskamp.nl/en/newsletter

HackerNewsBot debug: Calculated post rank: 113 - Loop: 85 - Rank min: 100 - Author rank: 22

Dynamic Programming for Technical Interviews

Probably the first in a multi-part series on DP.
Article word count: 28

HN Discussion: https://news.ycombinator.com/item?id=19395578
Posted by Aditya_Ramesh (karma: 92)
Post stats: Points: 157 - Comments: 80 - 2019-03-15T01:16:14Z

\#HackerNews #dynamic #for #interviews #programming #technical

---

Article content:



Dynamic programming (DP, as I’ll refer to it here on) is a toughie.

I’ve heard a lot of friends and juniors complain about dynamic programming and about how non-intuitive it is.

Plus, problems on DP are pretty standard in most product-company-based hiring challenges, so it seems like a good topic to address on a blog based on algorithms.

Here’s a heads-up to you though, since this article is the first in (maybe, depending on its reception), a multi-part series on DP, this article will focus on setting the groundwork of DP and I’ll dedicate most of this article to explaining how to arrive at the solutions to classical DP problems, and the general pattern of thought that I use when it comes to DP.

This article, I’ll be tackling the following -
\* Coin Change Problem
\* 0-1 Knapsack Problem
\* DP on grids
And I’ll be leaving some more classical variants of DP as exercises.

If you’re already fully confident of why/how the above DP algorithms work correctly, then reading this article may yield little value, and you may be better off waiting for the next article on DP. :)

Should I add future articles, I’ll tackle some non-classical variants of DP, leveraging intuition and logic.

Onto the article!

DP: An Intro

I’ve found myself solving the nicest of DP questions when I leverage recursion.

This is something I’ve often noticed in general, that for me, recursion is very intuitive.

While DP at times does seem confusing, I’ve found from personal experience that thinking of solutions and problems recursively makes reaching a DP solution that much easier.

Let’s take an example -
The Coin Change Problem
Let’s say you have an infinite amount of K different denominations of coins.

You need to find the minimum number of coins to possess a value of N dollars.

For example, if K = 2 and your denominations are {1, 2}, and you want to find the min. number of coins needed to generate N=9 dollars.

Here, it’s pretty obvious that’d be 5 coins (4 two dollar coins + 1 one dollar coin).
Note: A greedy algorithm of selecting the largest available denomination under N at every instant won’t give optimal answers.

Try out the test case: K=3, denominations = {1, 3, 4} and N = 10.

The greedy answer yields 4 coins (4 + 4 + 1 + 1) while the optimal answer is 3 coins (4 + 3 + 3).
Thus, clearly we need to check all possible coin selections we can make.

Now let’s model the problem recursively.

Let’s define a mathematical function f where f(N) tells me the minimum number of coins I need to generate a value of N.

Let’s say I have K denominations.

Now, if I were to take away a coin from my value of N, this coin could be of any denomination, correct?

Basically, N could be re-written as ((N-denom[i]) + denom[i]) for any valid 0<=i<length(denom).

I also know, that denom [i]can be represented as 1 coin (a coin whose value equals denom[i]).

Thus, f(N) = f(N-denom[i]) + 1

This is our general case.

What’s our base case?

If N=0, we need 0 coins.

Similarly, if N<0, its an impossible case, which needs to be handled.

Compiling all this, we have:

def f(n, denom): ans = 10**10 if n<=0: return 0 for i in denom: if n-i>=0: ans = min(ans, 1+f(n-i, denom)) return ans >>> f(10, [1,3,4])
3

Yay!

Now there are a couple of things we need to ensure we’re handling, if we want to port this to DP.
\* No global variables should be modifed in the function
\* Simple, memorizable states (state-space reduction)
And… I’d say that’s it?

Now, we can make denom a global array as we’re not changing it.

This makes our function just have one parameter. The current value, N.

Thus, we have an O(N*K) DP solution to this, as follows -

dp = [-1 for i in range(n)]
def f(n): if dp[n]!=-1: return dp [n]ans = 10**10 if n<=0: return 0 for i in denom: if n-i>=0: ans = min(ans, 1+f(n-i)) dp [n]= ans return ans

And that’s it!
The 0-1 Knapsack Problem
Okay, so let’s say you’re a burglar who has a bag (knapsack) that can carry a total weight of W.

There are N valuable objects in the house you broke into.

Each object i, has a weight of wt [i]and a value of vals[i].

Your task as a burglar is to devise an efficient algorithm that can maximize the net value of objects you can steal from the house provided you place them all in your knapsack.
I hope you don’t have to apply this in seriousness. :P
So, let’s think recursively here.

In general, whenever problems involve multiple solutions where there’s an “option” to choose or ignore an element, I find it suitable to use the current index of the element as a parameter.

So this means that my f() method already has one parameter - int idx

Now let’s think about what our other parameter could be by simulating our burglary.

At any point, when we’re looking at the object at index idx, we have a choice - to take it, or to not take it.

The point of DP is to optimize our solution of “checking all possibilities”, without repeating checking already checked possibilities, right?

So, we have a choice – take the current object, or ignore it.

But let’s say we do take it – we still need to verify if our knapsack can hold it, right?

Lets look at this recursively.

To make sure our current possibility is valid, and to provide insight into our decision as to whether or not can we afford to take the next object, we NEED to know our current knapsack capacity that’s left.

So, our states are (current_index, weight_left).

Let’s see how we can model this as a recursive equation now -

f(current_index, weight_left) = max( f(current_index + 1, weight_left), vals [current_index]+ f(current_index+1, weight_left - wt[current_index]) )

Look closely to the right-hand-side of that equation.

We’re stating:

f(idx, weight) = max( possibility where we don’t take current element, possibility where we do take current element )

It’s important to note that we’ve defined f(idx, weight) to be the maximum value we can obtain assuming we’re at index idx with weight weight left over.

Also, pay attention to the states in the latter possibility, we even update the weight_left parameter to reflect the fact that we’re picking the current object.

Here’s how that looks: (I’ve accidentally switched the order of the states, but that doesn’t matter)

def brute(weightleft, idx): if idx >= n: return 0 if dp[weightleft] [idx]!= -1: return dp[weightleft] [idx]ans = 10**10 ans = brute(weightleft, idx+1) if wts [idx]<= weightleft: ans = max(ans, vals [idx]+ brute(weightleft - wts[idx], idx+1)) dp[weightleft] [idx]= ans return ans # call the function as brute(W, 0)
DP On Grids
This is a pretty common topic under DP.

Consider the following example -

Given an N x M grid, with each cell containing some gold in it, find the maximum amount of gold you can collect, given the following criteria -
\* You start at the top-left corner
\* You must end at the bottom-right corner
\* You can only move to the cell at your right, or to the cell directly below you
Now, given these conditions and information, we need to come up with an O(N*M) solution to solve this problem.

Again, let’s think recursively.

Below I’ve drawn a simple 3 x 3 grid, and labelled each node from 1 to 9.

1 2 3

4 5 6

7 8 9

Note, the numbers above are LABELS and not values, they are only used to identify the cells I’m talking about

Now, look at cell number 5. Since I can only move downward or rightward, the only way to get to cell number 5 is either if I’m coming from cell number 2 or cell number 4.

Similarly, consider cell number 8. The only way to get to cell number 8 is if I’m coming from cell number 7 or cell number 5.

And in any case (excluding the 1st row or 1st column), I’m visiting a cell either from it’s upper neighbor or its left neighbor.

This means, that for any node, the maximum value I can collect when I reach it is -

f(node) = val [node]+ max(f(upper_neighbor), f(left_neighbor))

And that’s it!

That’s our recursive equation!

So let’s formalize this in code, and this time, let’s do this in a bottom-up tabulation manner.

dp = [[0 for i in range(m)] for j in range(n)] dp[0] [0]= A[0] [0]# the top left element has a max value of itself for i in range(n): for j in range(m): # first row if i==0 and j!=0: dp[i] [j]= dp[i][j-1] + A[i] [j]# first column elif i!=0 and j==0: dp[i] [j]= dp[i-1] [j]+ A[i] [j]# general case else: dp[i] [j]= A[i] [j]+ max(dp[i-1][j], dp[i][j-1]) print(dp[n-1][m-1])

Here’s a few homework tasks for you to try out.

They’re fairly simple, and I’ll explain them a bit maybe in the next DP article anyway, so here they are -

Given an N x M grid, find the number of different paths one could take if they start at the top-left corner and end at the bottom-right corner and only move either down or right from each cell.
* Do this in O(N*M)
\* Bonus: Do this in O(N+M)
To summarize -

There are two aspects to DP -
\* Identifying your states
\* Identifying your recurrence relation with those states
Personally, I find it easier to start with determining the recurrence relation, and then trying to lower the states I need to fully track all information I have.

Hopefully this article helped make DP a bit more intuitive.

I plan on orienting the next article more toward the applications of dynamic programming on strings or on graph theory, depending on how well this article is recieved. :)

Cheers!

For more of my work, follow me on:

LinkedIn: [1]https://www.linkedin.com/in/adityaramesh1998/

GitHub: [2]https://github.com/RameshAditya/

Twitter: [3]https://twitter.com/adityaramesh98

References

Visible links
1. https://www.linkedin.com/in/adityaramesh1998/
2. https://github.com/RameshAditya/
3. https://twitter.com/adityaramesh98

HackerNewsBot debug: Calculated post rank: 131 - Loop: 107 - Rank min: 100 - Author rank: 61

Chromium: Secretly stores referer and url for downloaded files (2017)

Reply or subscribe to this bug. Toggle useless messagesView this report as an mbox folder, status mbox, maintainer mbox Report forwarde

HN Discussion: https://news.ycombinator.com/item?id=19389871
Posted by IanSanders (karma: 111)
Post stats: Points: 122 - Comments: 57 - 2019-03-14T15:07:50Z

\#HackerNews #2017 #and #chromium #downloaded #files #for #referer #secretly #stores #url

---

Article content:



[1]version graph

[2]Reply or [3]subscribe to this bug.

[4]Toggle useless messages

View this report as an [5]mbox folder, [6]status mbox, [7]maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Debian Chromium Maintainers pkg-chromium-maint@lists.alioth.debian.org:
Bug#883746; Package chromium. (Thu, 07 Dec 2017 05:45:04 GMT) ([8]full text, [9]mbox, [10]link).

Acknowledgement sent to Adam Borowski kilobyte@angband.pl:
New Bug report received and forwarded. Copy sent to Debian Chromium Maintainers pkg-chromium-maint@lists.alioth.debian.org. (Thu, 07 Dec 2017 05:45:05 GMT) ([11]full text, [12]mbox, [13]link).

[14]Message #5 received at submit@bugs.debian.org ([15]full text, [16]mbox, [17]reply):

Package: chromium
Version: 62.0.3202.89-1
Severity: important Hi!
If you download and save a file with Chromium (even in incognito mode), it
saves potentially sensitive metadata in a way thatʼs completely unknown to
almost all users, even highly technical ones: user.xdg.referrer.url: [18]https://angband.pl/tmp/
user.xdg.origin.url: [19]https://angband.pl/tmp/20130210_001.jpg This photo is embarassing, but not overwhelmingly so. It also, on its own,
appears to include no way to tie to me in particular. Thereʼs EXIF but,
coming from a sane camera, it has no GPS data or whatever. Yet, once the
URL is smuggled, the link to me is obvious, and itʼs easy to distort the
imageʼs story into something that could get someone fired or otherwise
publicly shamed (based on typical kitten behaviour). And it can get worse: imagine (werewolf protection) a kiddie porn image,
or a secret government file ("Hillary and Donald, sitting in a tree,
K.I.S.S.I.N.G.jpg"). In this case, referer is uninteresting, but it can be as bad or worse than
the URL itself. This is a concern when the file is copied to any xattr-preserving media,
such as an USB stick or a CIFS mount -- or, if your computer itself is
imaged/accessed. Meow!
-- System Information:
Debian Release: buster/sid APT prefers unstable-debug APT policy: (500, ʼunstable-debugʼ), (500, ʼunstableʼ), (500, ʼtestingʼ), (150, ʼexperimentalʼ)
Architecture: amd64 (x86_64)
Foreign Architectures: i386 Kernel: Linux 4.15.0-rc2-debug-00195-g50510b7395bf (SMP w/5 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init) Versions of packages chromium depends on:
ii chromium-common 62.0.3202.89-1
ii libasound2 1.1.3-5
ii libatk1.0-0 2.26.1-1
ii libavcodec57 7:3.4-4
ii libavformat57 7:3.4-4
ii libavutil55 7:3.4-4
ii libc6 2.25-3
ii libcairo2 1.15.8-2
ii libcups2 2.2.6-2
ii libdbus-1-3 1.12.2-1.0nosystemd1
ii libevent-2.1-6 2.1.8-stable-4
ii libexpat1 2.2.3-2
ii libflac8 1.3.2-1
ii libfontconfig1 2.12.6-0.1
ii libfreetype6 2.8.1-0.1
ii libgcc1 1:7.2.0-17
ii libgdk-pixbuf2.0-0 2.36.11-1
ii libglib2.0-0 2.54.2-1
ii libgtk2.0-0 2.24.31-4
ii libharfbuzz0b 1.7.1-1
ii libicu57 57.1-8
ii libjpeg62-turbo 1:1.5.2-2+b1
ii liblcms2-2 2.8-4
ii libminizip1 1.1-8+b1
ii libnspr4 2:4.16-1+b1
ii libnss3 2:3.34-1
ii libopus0 1.2.1-1
ii libpango-1.0-0 1.40.13-2
ii libpangocairo-1.0-0 1.40.13-2
ii libpng16-16 1.6.34-1
ii libpulse0 11.1-3.0nosystemd1
ii libre2-3 20170101+dfsg-1
ii libsnappy1v5 1.1.7-1
ii libstdc++6 7.2.0-17
ii libvpx4 1.6.1-3
ii libwebp6 0.6.0-4
ii libwebpdemux2 0.6.0-4
ii libwebpmux3 0.6.0-4
ii libx11-6 2:1.6.4-3
ii libx11-xcb1 2:1.6.4-3
ii libxcb1 1.12-1
ii libxcomposite1 1:0.4.4-2
ii libxcursor1 1:1.1.14-3
ii libxdamage1 1:1.1.4-3
ii libxext6 2:1.3.3-1+b2
ii libxfixes3 1:5.0.3-1
ii libxi6 2:1.7.9-1
ii libxml2 2.9.4+dfsg1-5.1
ii libxrandr2 2:1.5.1-1
ii libxrender1 1:0.9.10-1
ii libxslt1.1 1.1.29-5
ii libxss1 1:1.2.2-1+b2
ii libxtst6 2:1.2.3-1
ii zlib1g 1:1.2.8.dfsg-5 Versions of packages chromium recommends:
ii fonts-liberation 1:1.07.4-5 Versions of packages chromium suggests:
pn chromium-driver
pn chromium-l10n
pn chromium-shell
pn chromium-widevine -- no debconf information

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Chromium Maintainers pkg-chromium-maint@lists.alioth.debian.org:
Bug#883746; Package chromium. (Sat, 09 Dec 2017 02:03:03 GMT) ([20]full text, [21]mbox, [22]link).

Acknowledgement sent to Adam Borowski kilobyte@angband.pl:
Extra info received and forwarded to list. Copy sent to Debian Chromium Maintainers pkg-chromium-maint@lists.alioth.debian.org. (Sat, 09 Dec 2017 02:03:04 GMT) ([23]full text, [24]mbox, [25]link).

[26]Message #10 received at 883746@bugs.debian.org ([27]full text, [28]mbox, [29]reply):

For comparison, Chromium on Windows doesnʼt have this privacy hole: ꜰɪʟᴇ: user.Zone.Identifier:
[ZoneTransfer]ZoneId=3 (Ie, it saves merely whether the file came from this computer, local
network, or the Interwebs at large.) I assume Chromium on Android does, which is a lot worse than regular
computers, as phones get seized/imaged/stolen drastically more often. Meow!
-- // If you believe in so-called "intellectual property", please immediately
// cease using counterfeit alphabets. Instead, contact the nearest temple
// of Amon, whose priests will provide you with scribal services for all
// your writing needs, for Reasonable And Non-Discriminatory prices.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Chromium Team chromium-browser@packages.debian.org:
Bug#883746; Package chromium. (Mon, 17 Sep 2018 13:51:11 GMT) ([30]full text, [31]mbox, [32]link).

Acknowledgement sent to Ken Yap kenyap.com.au@hotmail.com:
Extra info received and forwarded to list. Copy sent to Debian Chromium Team chromium-browser@packages.debian.org. (Mon, 17 Sep 2018 13:51:11 GMT) ([33]full text, [34]mbox, [35]link).

[36]Message #17 received at 883746@bugs.debian.org ([37]full text, [38]mbox, [39]reply):

This is tangentially related but I found that GNU wget (1.19.5 on my system) also stores this information, and there is no way to turn it off; itʼs not mentioned in the documentation. I wonder what the FSFʼs take is on this.

Send a report that [40]this bug log contains spam.
Debian bug tracking system administrator <[41]owner@bugs.debian.org>. Last modified: Thu Mar 14 18:32:23 2019; Machine Name: buxtehude

[42]Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from [43]https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.
References

Visible links
1. https://bugs.debian.org/cgi-bin/version.cgi?package=chromium;found=chromium-browser%2F62.0.3202.89-1;collapse=1;absolute=0;info=1
2. mailto:883746@bugs.debian.org
3. mailto:883746-subscribe@bugs.debian.org
4. javascript:toggle_infmessages();
5. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes
6. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;mboxstatus=yes
7. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;mboxmaint=yes
8. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=2
9. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=2
10. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#1
11. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=4
12. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=4
13. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#3
14. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#5
15. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=5
16. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=5
17. mailto:883746@bugs.debian.org?In-Reply-To=%3C151262522340.31155.193784664288684612.reportbug%40umbar.angband.pl%3E&body=On%20Thu%2C%2007%20Dec%202017%2006%3A40%3A23%20%2B0100%20Adam%20Borowski%20%3Ckilobyte%40angband.pl%3E%20wrote%3A%0A%3E%20Package%3A%20chromium%0A%3E%20Version%3A%2062.0.3202.89-1%0A%3E%20Severity%3A%20important%0A%3E%20%0A%3E%20Hi%21%0A%3E%20If%20you%20download%20and%20save%20a%20file%20with%20Chromium%20%28even%20in%20incognito%20mode%29%2C%20it%0A%3E%20saves%20potentially%20sensitive%20metadata%20in%20a%20way%20that%27s%20completely%20unknown%20to%0A%3E%20almost%20all%20users%2C%20even%20highly%20technical%20ones%3A%0A%3E%20%0A%3E%20user.xdg.referrer.url%3A%20https%3A%2F%2Fangband.pl%2Ftmp%2F%0A%3E%20user.xdg.origin.url%3A%20https%3A%2F%2Fangband.pl%2Ftmp%2F20130210_001.jpg%0A%3E%20%0A%3E%20This%20photo%20is%20embarassing%2C%20but%20not%20overwhelmingly%20so.%20%20It%20also%2C%20on%20its%20own%2C%0A%3E%20appears%20to%20include%20no%20way%20to%20tie%20to%20me%20in%20particular.%20%20There%27s%20EXIF%20but%2C%0A%3E%20coming%20from%20a%20sane%20camera%2C%20it%20has%20no%20GPS%20data%20or%20whatever.%20%20Yet%2C%20once%20the%0A%3E%20URL%20is%20smuggled%2C%20the%20link%20to%20me%20is%20obvious%2C%20and%20it%27s%20easy%20to%20distort%20the%0A%3E%20image%27s%20story%20into%20something%20that%20could%20get%20someone%20fired%20or%20otherwise%0A%3E%20publicly%20shamed%20%28based%20on%20typical%20kitten%20behaviour%29.%0A%3E%20%0A%3E%20And%20it%20can%20get%20worse%3A%20imagine%20%28werewolf%20protection%29%20a%20kiddie%20porn%20image%2C%0A%3E%20or%20a%20secret%20government%20file%20%28%22Hillary%20and%20Donald%2C%20sitting%20in%20a%20tree%2C%0A%3E%20K.I.S.S.I.N.G.jpg%22%29.%0A%3E%20%0A%3E%20In%20this%20case%2C%20referer%20is%20uninteresting%2C%20but%20it%20can%20be%20as%20bad%20or%20worse%20than%0A%3E%20the%20URL%20itself.%0A%3E%20%0A%3E%20This%20is%20a%20concern%20when%20the%20file%20is%20copied%20to%20any%20xattr-preserving%20media%2C%0A%3E%20such%20as%20an%20USB%20stick%20or%20a%20CIFS%20mount%20--%20or%2C%20if%20your%20computer%20itself%20is%0A%3E%20imaged%2Faccessed.%0A%3E%20%0A%3E%20%0A%3E%20Meow%21%0A%3E%20--%20System%20Information%3A%0A%3E%20Debian%20Release%3A%20buster%2Fsid%0A%3E%20%20%20APT%20prefers%20unstable-debug%0A%3E%20%20%20APT%20policy%3A%20%28500%2C%20%27unstable-debug%27%29%2C%20%28500%2C%20%27unstable%27%29%2C%20%28500%2C%20%27testing%27%29%2C%20%28150%2C%20%27experimental%27%29%0A%3E%20Architecture%3A%20amd64%20%28x86_64%29%0A%3E%20Foreign%20Architectures%3A%20i386%0A%3E%20%0A%3E%20Kernel%3A%20Linux%204.15.0-rc2-debug-00195-g50510b7395bf%20%28SMP%20w%2F5%20CPU%20cores%29%0A%3E%20Locale%3A%20LANG%3DC.UTF-8%2C%20LC_CTYPE%3DC.UTF-8%20%28charmap%3DUTF-8%29%2C%20LANGUAGE%3DC.UTF-8%20%28charmap%3DUTF-8%29%0A%3E%20Shell%3A%20%2Fbin%2Fsh%20linked%20to%20%2Fbin%2Fdash%0A%3E%20Init%3A%20sysvinit%20%28via%20%2Fsbin%2Finit%29%0A%3E%20%0A%3E%20Versions%20of%20packages%20chromium%20depends%20on%3A%0A%3E%20ii%20%20chromium-common%20%20%20%20%20%2062.0.3202.89-1%0A%3E%20ii%20%20libasound2%20%20%20%20%20%20%20%20%20%20%201.1.3-5%0A%3E%20ii%20%20libatk1.0-0%20%20%20%20%20%20%20%20%20%202.26.1-1%0A%3E%20ii%20%20libavcodec57%20%20%20%20%20%20%20%20%207%3A3.4-4%0A%3E%20ii%20%20libavformat57%20%20%20%20%20%20%20%207%3A3.4-4%0A%3E%20ii%20%20libavutil55%20%20%20%20%20%20%20%20%20%207%3A3.4-4%0A%3E%20ii%20%20libc6%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%202.25-3%0A%3E%20ii%20%20libcairo2%20%20%20%20%20%20%20%20%20%20%20%201.15.8-2%0A%3E%20ii%20%20libcups2%20%20%20%20%20%20%20%20%20%20%20%20%202.2.6-2%0A%3E%20ii%20%20libdbus-1-3%20%20%20%20%20%20%20%20%20%201.12.2-1.0nosystemd1%0A%3E%20ii%20%20libevent-2.1-6%20%20%20%20%20%20%202.1.8-stable-4%0A%3E%20ii%20%20libexpat1%20%20%20%20%20%20%20%20%20%20%20%202.2.3-2%0A%3E%20ii%20%20libflac8%20%20%20%20%20%20%20%20%20%20%20%20%201.3.2-1%0A%3E%20ii%20%20libfontconfig1%20%20%20%20%20%20%202.12.6-0.1%0A%3E%20ii%20%20libfreetype6%20%20%20%20%20%20%20%20%202.8.1-0.1%0A&References=%3C151262522340.31155.193784664288684612.reportbug%40umbar.angband.pl%3E&subject=Re%3A%20chromium%3A%20secretly%20stores%20referer%20and%20url%20for%20downloaded%20files
18. https://angband.pl/tmp/
19. https://angband.pl/tmp/20130210_001.jpg
20. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=7
21. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=7
22. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#6
23. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=9
24. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=9
25. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#8
26. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#10
27. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=10
28. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=10
29. mailto:883746@bugs.debian.org?subject=Re%3A%20chromium%20on%20Windows&References=%3C20171209020019.jp2ufv7q3a53mhw4%40angband.pl%3E&In-Reply-To=%3C20171209020019.jp2ufv7q3a53mhw4%40angband.pl%3E&body=On%20Sat%2C%209%20Dec%202017%2003%3A00%3A19%20%2B0100%20Adam%20Borowski%20%3Ckilobyte%40angband.pl%3E%20wrote%3A%0A%3E%20For%20comparison%2C%20Chromium%20on%20Windows%20doesn%27t%20have%20this%20privacy%20hole%3A%0A%3E%20%0A%3E%20%EA%9C%B0%C9%AA%CA%9F%E1%B4%87%3A%20user.Zone.Identifier%3A%20%5BZoneTransfer%5D%0A%3E%20ZoneId%3D3%0A%3E%20%0A%3E%20%28Ie%2C%20it%20saves%20merely%20whether%20the%20file%20came%20from%20this%20computer%2C%20local%0A%3E%20network%2C%20or%20the%20Interwebs%20at%20large.%29%0A%3E%20%0A%3E%20%0A%3E%20I%20assume%20Chromium%20on%20Android%20does%2C%20which%20is%20a%20lot%20worse%20than%20regular%0A%3E%20computers%2C%20as%20phones%20get%20seized%2Fimaged%2Fstolen%20drastically%20more%20often.%0A%3E%20%0A%3E%20%0A%3E%20Meow%21%0A%3E%20--%20%0A%3E%20%2F%2F%20If%20you%20believe%20in%20so-called%20%22intellectual%20property%22%2C%20please%20immediately%0A%3E%20%2F%2F%20cease%20using%20counterfeit%20alphabets.%20%20Instead%2C%20contact%20the%20nearest%20temple%0A%3E%20%2F%2F%20of%20Amon%2C%20whose%20priests%20will%20provide%20you%20with%20scribal%20services%20for%20all%0A%3E%20%2F%2F%20your%20writing%20needs%2C%20for%20Reasonable%20And%20Non-Discriminatory%20prices.%0A%3E%20%0A%3E%20%0A
30. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=14
31. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=14
32. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#13
33. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=16
34. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=16
35. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#15
36. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746#17
37. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;msg=17
38. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=883746;mbox=yes;msg=17
39. mailto:883746@bugs.debian.org?subject=Re%3A%20chromium%3A%20secretly%20stores%20referer%20and%20url%20for%20downloaded%20files&References=%3CSYBPR01MB351528265DEE4F94FF306F68B21E0%40SYBPR01MB3515.ausprd01.prod.outlook.com%3E&In-Reply-To=%3CSYBPR01MB351528265DEE4F94FF306F68B21E0%40SYBPR01MB3515.ausprd01.prod.outlook.com%3E&body=On%20Mon%2C%2017%20Sep%202018%2013%3A49%3A23%20%2B0000%20Ken%20Yap%20%3Ckenyap.com.au%40hotmail.com%3E%20wrote%3A%0A%3E%20This%20is%20tangentially%20related%20but%20I%20found%20that%20GNU%20wget%20%281.19.5%20on%20my%0D%0A%3E%20system%29%20also%20stores%20this%20information%2C%20and%20there%20is%20no%20way%20to%20turn%20it%0D%0A%3E%20off%3B%20it%27s%20not%20mentioned%20in%20the%20documentation.%20I%20wonder%20what%20the%20FSF%27s%0D%0A%3E%20take%20is%20on%20this.%0D%0A
40. https://bugs.debian.org/cgi-bin/bugspam.cgi?bug=883746
41. mailto:owner@bugs.debian.org
42. https://www.debian.org/Bugs/
43. https://bugs.debian.org/debbugs-source/

HackerNewsBot debug: Calculated post rank: 100 - Loop: 273 - Rank min: 100 - Author rank: 29

Andrew Yang qualifies for first DNC debate with 65k unique donors

"The Yang Gang has built an army of supporters and small-dollar donors in all 50 states."
Article word count: 92

HN Discussion: https://news.ycombinator.com/item?id=19388652
Posted by yasp (karma: 1500)
Post stats: Points: 131 - Comments: 113 - 2019-03-14T12:38:17Z

\#HackerNews #65k #andrew #debate #dnc #donors #first #for #qualifies #unique #with #yang

---

Article content:




Andrew Yang, a former tech executive who founded Venture for America, [1]announced Tuesday that he has qualified for the first round of the Democratic primary debate by raising money from more than 65,000 unique donors.

The big picture: Yangʼs top 3 policy concerns are universal basic income, Medicare for All and a "human-centered capitalism" approach to the economy. His proposal for universal basic income, his central campaign issue, is grounded in a belief that millions of jobs will be wiped away due to automation.

Go deeper: [2]Everything you need to know about Andrew Yang

References

Visible links
1. https://twitter.com/DJJudd/status/1105483582372495360
2. https://www.axios.com/andrew-yang-2020-presidential-election-factsheet-c93fd5ef-8201-4ba6-878b-72b3edc5a945.html

HackerNewsBot debug: Calculated post rank: 125 - Loop: 213 - Rank min: 100 - Author rank: 41

Children for Sale, 1948

“4 Children for Sale. Inquire within”, Chicago, 1948. The photo first appeared in the The Vidette-Messenger of Valparaiso, Indiana on August 5, 1948. The children looked posed and a bit confused as…
Article word count: 8

HN Discussion: https://news.ycombinator.com/item?id=19383678
Posted by marvindanig (karma: 587)
Post stats: Points: 101 - Comments: 47 - 2019-03-13T20:57:11Z

\#HackerNews #1948 #children #for #sale

---

Article content:




[1]

[IMG]“4 Children for Sale. Inquire within”, Chicago, 1948.

The photo first appeared in the The Vidette-Messenger of Valparaiso, Indiana on August 5, 1948. The children looked posed and a bit confused as their pregnant mother hides her face from the photographer. The caption read: “A big ‘For Sale’ sign in a Chicago yard mutely tells the tragic story of Mr. and Mrs. Ray Chalifoux, who face eviction from their apartment. With no place to turn, the jobless coal truck driver and his wife decide to sell their four children. Mrs. Lucille Chalifoux turns her head from camera above while her children stare wonderingly. On the top step are Lana, 6, and Rae, 5. Below are Milton, 4, and Sue Ellen, 2”.

Family members accused the mother of being paid to stage the photo, which may have been part of the story, but unfortunately, she was dead serious about selling her children. Within two years all of the children pictures, as well as the baby she was carrying at the time, were sold off to different homes.

2 Sue Ellen and her sister RaeAnn Mills reunited at Chalufouxʼs home in Hammond. (Right) RaeAnn Mills holds the dress she was sold in as a child. It is the only physical item she has from the time with her birth mother. Photos taken in 2013.

(Left) Sue Ellen and her sister RaeAnn Mills reunited at Chalufoux’s home in Hammond. (Right) RaeAnn Mills holds the dress she was sold in as a child. It is the only physical item she has from the time with her birth mother. Photos taken in 2013.

RaeAnn Mills, and her brother Milton were sold to the Zoeteman family on August 27, 1950. Their names were changed to Beverly and Kenneth, and although their birth mother’s situation was dire, their new home wasn’t much of a salvation. They were often chained up in a barn and forced to work long hours in the field. Milton remembers being called a “slave” by his new father figure, a label he accepted at the time because he didn’t understand what it meant.

Although it seems that RaeAnn and Milton were never officially adopted by their abusers, their brother David, who was in his mother’s womb at the time of photograph, was legally adopted by Harry and Luella McDaniel, who only lived a few miles away. David, who says his adoptive parents were strict but loving and supportive, remembers riding out on his bike to see his siblings, and unchaining them before going back home.

RaeAnn left home at 17, shortly after undergoing a brutally traumatic situation. As a young teen she was kidnapped and raped, which resulted in a pregnancy. She was sent away to a home for pregnant girls, and had her baby adopted when she returned.

[3]RaeAnn Mills (left) and her brother Milton (right) were sold to the Zoeteman family.

RaeAnn Mills (left) and her brother Milton (right) were sold to the Zoeteman family.

As Milton grew older, he reacted to the beatings, starving, and other abuses with violent rages. A judge deemed him a menace to society, and he spent a number of years in a mental hospital after being forced to choose between that and a reformatory (a juvenile detention center).

The siblings didn’t know what happened with Lana and Sue Ellen, however years later they were able to reconnect with them via social media. Lana had died in 1998 of cancer, but Sue Ellen Chalifoux was still alive. Sue Ellen was raised not far from her original home, growing up in Chicago’s East Side neighborhood. Her opinion about her biological mother: “She needs to be in hell burning”.

The woman in the photograph remarried after selling/giving away her five children, and had four more daughters. When her other children eventually came to see her, she’s described as completely lacking love for her estranged children, or having any regret for letting them go.

David McDaniel defended his mother’s coldness as evidence of a different, hardscrabble world. “As soon as my mom seen me, she said, ‘You look just like your father’”, McDaniel said. “She never apologized. Back then, it was survival. Who are we to judge? We’re all human beings. We all make mistakes. She could’ve been thinking about the children. Didn’t want them to die”. Milton had a different perspective on the situation: “My birth mother, she never did love me. She didn’t apologize for selling me. She hated me so much that she didn’t care”.

(Photo credit: Bettmann/CORBIS).

References

Visible links
1. https://4.bp.blogspot.com/-GIwwisGf-ts/WWgYXTDCXEI/AAAAAAAANMc/H5B34n9BO3E_vXGpKH-FonrTb8eOg3u6ACLcBGAs/s1600/four_children_for_sale_1948.jpg
2. https://4.bp.blogspot.com/-2MR8ThEUQq8/WWgYXebtdcI/AAAAAAAANMU/sARbJyh6x3c__zEm_wBNkGaWiG0guTBngCLcBGAs/s1600/four_children_for_sale_1948_2.jpg
3. https://1.bp.blogspot.com/-tR0aXDbMBZY/WWgYXWZUR6I/AAAAAAAANMY/FIJx0lNId6IlBGMsAbazZBY_iWoMR0xawCLcBGAs/s1600/four_children_for_sale_1948_3.jpg

HackerNewsBot debug: Calculated post rank: 83 - Loop: 390 - Rank min: 80 - Author rank: 17

Why Investigators Fear the Two Boeing 737s Crashed for Similar Reasons

The planes flew in similar erratic patterns, suggesting to experts that an automated system might have malfunctioned on both flights.
Article word count: 627

HN Discussion: https://news.ycombinator.com/item?id=19385980
Posted by ejstronge (karma: 841)
Post stats: Points: 79 - Comments: 52 - 2019-03-14T02:15:08Z

\#HackerNews #737s #boeing #crashed #fear #for #investigators #reasons #similar #the #two #why

---

Article content:




American and Canadian regulators cited newly available satellite-tracking data in [1]grounding all Boeing 737 Max jets on Wednesday, saying there were similarities between the deadly crash involving the plane in Ethiopia on Sunday and a Indonesian flight in October.

The causes of both crashes are still under investigation. But the data cited by regulators points to preliminary indications that the two planes could have been brought down by the same cause, a malfunctioning automated system intended to keep the jet from stalling.

Ethiopian flight path

Chart below is from

this portion of the flight

8:41 a.m.

Last signal

received

Ethiopian flight path

Chart below is from

this portion of the flight

8:41 a.m.

Last signal

received

Ethiopian flight path

Chart below is from

this portion of the flight

By Scott Reinhard | Souce: Path data from Flightradar24

Marc Garneau, Canada’s transport minister, said on Wednesday that the satellite-tracking data revealed “vertical variations” in the Ethiopian Airlines flight reminiscent of those seen before the crash of the Lion Air Boeing 737 Max in Indonesia in October.

The investigation of the Ethiopian crash is still in its early stages, and the full data cited by the authorities has not been publicly released. Many experts cautioned that any conclusions are far from certain and don’t rule out other possibilities, such as pilot error or another malfunctioning system.

But aviation experts who reviewed the patterns in publicly available data said it suggests that the newly installed automated system known as M.C.A.S. may have been activated on the Ethiopian flight and could have contributed to the crash.

Many experts believe that during the first crash, the Indonesian pilots lost their battle with M.C.A.S.

Possibly because of faulty sensor readings, the automated system pushed the nose of the Lion Air plane down. The pilots repeatedly counteracted it and pulled the nose back up, only to be overridden by the system again. Each interval took about 15 to 20 seconds, leaving a repetitive signature on the data for the plane’s vertical speed.

Vertical speed of Lion Air flight (three-minute portion)

Approximate periods of increasing and decreasing vertical speed

Vertical speed of Lion Air flight

(three-minute portion)

Approximate periods of increasing and

decreasing vertical speed

That led to the series of variations of altitude until the pilots crashed.

The public data for the Ethiopian flight is less clear and complete, but it appears to show a similar signature — an interval where the plane was gaining altitude and then leveling out.

Vertical speed of Ethiopian Airlines flight

Approximate periods of increasing and decreasing vertical speed

Vertical speed of Ethiopian Airlines flight

Approximate periods of increasing and

decreasing vertical speed

The Canadian transport minister said that based on satellite data he had reviewed, M.C.A.S. may have played a role.

The oscillation of roughly 15 to 20 seconds is a telltale sign that suggests the M.C.A.S. system may have been involved, said R. John Hansman Jr., a professor of aeronautics and astronautics at the Massachusetts Institute of Technology.

Planes like the Boeing 737 oscillate naturally, he said, because of turbulence and and other effects. But those swings have different time spans: either between five and eight seconds, or a minute or longer. The variations in the intermediate range of 15 or so seconds have no other obvious explanation, he said.

“Even from the available data, there are similarities between the Lion Air case and this case in terms of this 15 second periodicity. That would point toward a similar phenomenon. We’ll know more when we get the flight data recorder,” Professor Hansman said.

Don Thoma, the chief executive of Aireon, the company that provided the new data, said that it “certainly showed something was wrong with the aircraft, and something they should take a hard look at.”

References

Visible links
1. https://www.nytimes.com/2019/03/13/business/canada-737-max.html

HackerNewsBot debug: Calculated post rank: 70 - Loop: 69 - Rank min: 60 - Author rank: 34

Iodide: An experimental Mozilla tool for data exploration on the web

Meet Iodide, an experimental open source tool to help scientists write beautiful interactive documents using web technologies, all within a browser-based iterative workflow that will be familiar to…

HN Discussion: https://news.ycombinator.com/item?id=19383863
Posted by pablobaz (karma: 734)
Post stats: Points: 123 - Comments: 7 - 2019-03-13T21:13:09Z

\#HackerNews #data #experimental #exploration #for #iodide #mozilla #the #tool #web

---

Article content:




In the last 10 years, there has been an explosion of interest in “scientific computing” and “data science”: that is, the application of computation to answer questions and analyze data in the natural and social sciences. To address these needs, we’ve seen a renaissance in programming languages, tools, and techniques that help scientists and researchers explore and understand data and scientific concepts, and to communicate their findings. But to date, very few tools have focused on helping scientists gain unfiltered access to the full communication potential of modern web browsers. So today we’re excited to introduce [1]Iodide, an experimental tool meant to help scientists write beautiful interactive documents using web technologies, all within an iterative workflow that will be familiar to many scientists.

[2]Exploring the Lorenz attractor then examining the code in Iodide

Iodide in action.

Beyond being just a programming environment for creating living documents in the browser, Iodide attempts to remove friction from communicative workflows by always bundling the editing tool with the clean readable document. This diverges from IDE-style environments that output presentational documents like .pdf files (which are then divorced from the original code) and cell-based notebooks which mix code and presentation elements. In Iodide, you can get both a document that looks however you want it to look, and easy access to the underlying code and editing environment.

Iodide is still very much in an alpha state, but following the internet aphorism [3]“If you’re not embarrassed by the first version of your product, you’ve launched too late”, we’ve decided to do a very early soft launch in the hopes of getting feedback from a larger community. We have a demo that [4]you can try out right now, but expect a lot of rough edges (and please don’t use this alpha release for critical work!). We’re hoping that, despite the rough edges, if you squint at this you’ll be able to see the value of the concept, and that the feedback you give us will help us figure out where to go next.

How we got to Iodide

Data science at Mozilla

At Mozilla, the vast majority of our data science work is focused on communication. Though we sometimes deploy models intended to directly improve a user’s experience, such as the recommendation engine that helps users discover browser extensions, most of the time our data scientists analyze our data in order to find and share insights that will inform the decisions of product managers, engineers and executives.

Data science work involves writing a lot of code, but unlike traditional software development, our objective is to answer questions, not to produce software. This typically results in some kind of report — a document, some plots, or perhaps an interactive data visualization. Like many data science organizations, at Mozilla we explore our data using fantastic tools like [5]Jupyter and [6]R-Studio. However, when it’s time to share our results, we cannot usually hand off a Jupyter notebook or an R script to a decision-maker, so we often end up doing things like copying key figures and summary statistics to a Google Doc.

We’ve found that making the round trip from exploring data in code to creating a digestible explanation and back again is not always easy. Research shows that [7]many people share this experience. When one data scientist is reading through another’s final report and wants to look at the code behind it, there can be a lot of friction; sometimes tracking down the code is easy, sometimes not. If they want to attempt to experiment with and extend the code, things obviously get more difficult still. Another data scientist may have your code, but may not have an identical configuration on their machine, and setting that up takes time.

[8]The virtuous cycle of data science work

The virtuous circle of data science work.

Why is there so little web in science?

Against the background of these data science workflows at Mozilla, in late 2017 I undertook a project that called for interactive data visualization. Today you can create interactive visualizations using great libraries for Python, R, and Julia, but for what I wanted to accomplish, I needed to drop down to Javascript. This meant stepping away from my favorite data science environments. Modern web development tools are incredibly powerful, [9]but extremely complicated. I really didn’t want to figure out how to get a fully-fledged Javascript build toolchain with hot module reloading up and running, but short of that I couldn’t find much aimed at creating clean, readable web documents within the live, iterative workflow familiar to me.

I started wondering why this tool didn’t exist — why there’s no Jupyter for building interactive web documents — and soon zoomed out to thinking about why almost no one uses Javascript for scientific computing. Three big reasons jumped out:

1. Javascript itself has a mixed reputation among scientists for being slow and awkward;
2. there aren’t many scientific computing libraries that run in the browser or that work with Javascript; and,
3. as I’d discovered, there are very few scientific coding tools that enable fast iteration loop and also grant unfiltered access to the presentational capabilities in the browser.

These are very big challenges. But as I thought about it more, I began to think that working in a browser might have some real advantages for the kind of communicative data science that we do at Mozilla. The biggest advantage, of course, is that the browser has arguably the most advanced and well-supported set of presentation technologies on the planet, from the [10]DOM to [11]WebGL to [12]Canvas to [13]WebVR.

Thinking on the workflow friction mentioned above, another potential advantage occurred to me: in the browser, the final document need not be separate from the tool that created it. I wanted a tool designed to help scientists iterate on web documents (basically single-purpose web apps for explaining an idea)… and many tools we were using were themselves basically web apps. For the use case of writing these little web-app-documents, why not bundle the document with the tool used to write it?

By doing this, non-technical readers could see my nice looking document, but other data scientists could instantly get back to the original code. Moreover, since the compute kernel would be the browser’s JS engine, they’d be able to start extending and experimenting with the analysis code immediately. And they’d be able to do all this without connecting to remote computing resources or installing any software.

Towards Iodide

I started discussing the potential pros and cons of scientific computing in the browser with my colleagues, and in the course of our conversations, we noticed some other interesting trends.

Inside Mozilla we were seeing a lot of interesting demos showing off [14]WebAssembly, a new way for browsers to run code written in languages other than Javascript. WebAssembly allows programs to be run at incredible speed, in some cases close to native binaries. We were seeing examples of computationally-expensive processes like [15]entire 3D game engines running within the browser without difficulty. Going forward, it would be possible to compile best-in-class C and C++ numerical computing libraries to WebAssembly and wrap them in ergonomic JS APIs, just as the SciPy project does for Python. Indeed, projects had started [16]to [17]do [18]this [19]already.

[20]IFrame

WebAssembly makes it possible to run code at near-native speed in the browser.

We also noticed the Javascript community’s willingness to introduce [21]new syntax when doing so helps people to [22]solve their problem more effectively. Perhaps it would be possible to emulate some of key syntactic elements that make numerical programming more comprehensible and fluid in MATLAB, Julia, and Python — matrix multiplication, multidimensional slicing, broadcast array operations, and so on. Again, we found other people [23]thinking along similar lines.

With these threads converging, we began to wonder if the web platform might be on the cusp of becoming a productive home for scientific computing. At the very least, it looked like it might evolve to serve some of the communicative workflows that we encounter at Mozilla (and that so many others encounter in industry and academia). With the core of Javascript [24]improving all the time and the possibility of adding syntax extensions for numerical programming, perhaps JS itself could be made more appealing to scientists. WebAssembly seemed to offer a path to great science libraries. The third leg of the stool would be an environment for creating data science documents for the web. This last element is where we decided to focus our initial experimentation, which brought us to Iodide.

The anatomy of Iodide

Iodide is a tool designed to give scientists a familiar workflow for creating great-looking interactive documents using the full power of the web platform. To accomplish that, we give you a “report” — basically a web page that you can fill in with your content — and some tools for iteratively exploring data and modifying your report to create something you’re ready to share. Once you’re ready, you can send a link directly to your finalized report. If your colleagues and collaborators want to review your code and learn from it, they can drop back to an exploration mode in one click. If they want to experiment with the code and use it as the basis of their own work, with one more click they can fork it and start working on their own version.

Read on to learn a bit more about some of the ideas we’re experimenting with in an attempt to make this workflow feel fluid.

The Explore and Report Views

Iodide aims to tighten the loop between exploration, explanation, and collaboration. Central to that is the ability to move back and forth between a nice looking write-up and a useful environment for iterative computational exploration.

When you first [25]create a new Iodide notebook, you start off in the “explore view.” This provides a set of panes including an editor for writing code, a console for viewing the output from code you evaluate, a workspace viewer for examining the variables you’ve created during your session, and a “report preview” pane in which you can see a preview of your report.

[26]Editing a Markdown code chunk in Iodideʼs Explore View

Editing a Markdown code chunk in Iodide’s explore view.

By clicking the “REPORT” button in the top right corner, the contents of your report preview will expand to fill the entire window, allowing you to put the story you want to tell front and center. Readers who don’t know how to code or who aren’t interested in the technical details are able to focus on what you’re trying to convey without having to wade through the code. When a reader visits the link to the report view, your code will runs automatically. if they want to review your code, simply clicking the “EXPLORE” button in the top right will bring them back into the explore view. From there, they can make a copy of the notebook for their own explorations.

[27]Moving from Explore to Report View.

Moving from explore to report view.

Whenever you share a link to an Iodide notebook, your collaborator can always access to both of these views. The clean, readable document is never separated from the underlying runnable code and the live editing environment.

Live, interactive documents with the power of the Web Platform

Iodide documents live in the browser, which means the computation engine is always available. Whenever you share your work, you share a live interactive report with running code. Moreover, since the computation happens in the browser alongside the presentation, there is no need to call a language backend in another process. This means that interactive documents update in real-time, opening up the possibility of [28]seamless 3D visualizations, even with the [29]low-latency and high frame-rate required for VR.

[30]MRI

Contributor Devin Bayly explores MRI data of his brain

Sharing, collaboration, and reproducibility

Building Iodide in the web simplifies a number of the elements of workflow friction that we’ve encountered in other tools. Sharing is simplified because the write-up and the code are available at the same URL rather than, say, pasting a link to a script in the footnotes of a Google Doc. Collaboration is simplified because the compute kernel is the browser and libraries can be loaded via an HTTP request like any webpage loads script — no additional languages, libraries, or tools need to be installed. And because browsers provide a compatibility layer, you don’t have to worry about notebook behavior being reproducible across computers and OSes.

To support collaborative workflows, we’ve built a fairly simple server for saving and sharing notebooks. There is a public instance at [31]iodide.io where you can experiment with Iodide and share your work publicly. It’s also possible to set up your own instance behind a firewall (and indeed this is what we’re already doing at Mozilla for some internal work). But importantly, the notebooks themselves are not deeply tied to a single instance of the Iodide server. Should the need arise, it should be easy to migrate your work to another server or export your notebook as a bundle for sharing on other services like Netlify or Github Pages (more on exporting bundles below under “What’s next?”). Keeping the computation in the client allows us to focus on building a really great environment for sharing and collaboration, without needing to build out computational resources in the cloud.

Pyodide: The Python science stack in the browser

When we started thinking about making the web better for scientists, we focused on ways that we could make working with Javascript better, like compiling existing scientific libraries to WebAssembly and wrapping them in easy to use JS APIs. When we proposed this to [32]Mozilla’s WebAssembly wizards, they offered a more ambitious idea: if many scientists prefer Python, meet them where they are by compiling the Python science stack to run in WebAssembly.

We thought this sounded daunting — that it would be an enormous project and that it would never deliver satisfactory performance… but two weeks later [33]Mike Droettboom had a working implementation of Python running inside an Iodide notebook. Over the next couple months, we added Numpy, Pandas, and Matplotlib, which are [34]by far the most used modules in the Python science ecosystem. With help from contributors Kirill Smelkov and Roman Yurchak at [35]Nexedi, we landed support for Scipy and scikit-learn. Since then, we’ve continued adding [36]other libraries bit by bit.

Running the Python interpreter inside a Javascript virtual machine adds a performance penalty, but that penalty turns out to be surprisingly small — in our benchmarks, around 1x-12x slower than native on Firefox and 1x-16x slower on Chrome. Experience shows that this is very usable for interactive exploration.

[37]Matplotlib running in the browser

Running Matplotlib in the browser enables its interactive features, which are unavailable in static environments

Bringing Python into the browser creates some magical workflows. For example, you can import and clean your data in Python, and then access the resulting Python objects from Javascript (in most cases, the conversion happens automatically) so that you can display them using JS libraries like [38]d3. Even more magically, you can access browser APIs from Python code, allowing you to do things like [39]manipulate the DOM without touching Javascript.

Of course, there’s a lot more to say about [40]Pyodide, and it deserves an article of its own — we’ll go into more detail in a follow up post next month.

JSMD (JavaScript MarkDown)

Just as in Jupyter and R’s R-Markdown mode, in Iodide you can interleave code and write-up as you wish, breaking your code into “code chunks” that you can modify and run as a separate units. Our implementation of this idea parallels R Markdown and MATLAB’s “cell mode”: rather than using an explicitly cell-based interface, the content of an Iodide notebook is just a text document that uses a special syntax to delimit specific types of cells. We call this text format “JSMD”.

Following MATLAB, code chunks are defined by lines starting with %% followed by a string indicating the language of the chunk below. We currently support chunks containing Javascript, CSS, Markdown (and HTML), Python, a special “fetch” chunk that simplifies loading resources, and a plugin chunk that allows you to extend Iodide’s functionality by adding new cell types.

We’ve found this format to be quite convenient. It makes it easy to use text-oriented tools like diff viewers and your own favorite text editor, and you can perform standard text operations like cut/copy/paste without having to learn shortcuts for cell management. For more details you can [41]read about JSMD in our docs.

What’s next?

It’s worth repeating that we’re still in alpha, so we’ll be continuing to improve overall polish and squash bugs. But in addition to that, we have a number of features in mind for our next round of experimentation. If any of these ideas jump out as particularly useful, let us know! Even better, let us know if you’d like to help us build them!

Enhanced collaborative features

As mentioned above, so far we’ve built a very simple backend that allows you to save your work online, look at work done by other people, and quickly fork and extend existing notebooks made by other users, but these are just the initial steps in a useful collaborative workflow.

The next three big collaboration features we’re looking at adding are:

1. Google Docs-style comment threads
2. The ability to suggest changes to another user’s notebook via a fork/merge workflow similar to Github pull requests
3. Simultaneous notebook editing like Google Docs.

At this point, we’re prioritizing them in roughly that order, but if you would tackle them in a different order or if you have other suggestions, let us know!

More languages!

We’ve spoken to folks from the R and Julia communities about compiling those languages to WebAssembly, which would allow their use in Iodide and other browser-based projects. Our initial investigation indicates that this should be doable, but that implementing these languages might be a bit more challenging than Python. As with Python, some cool workflows open up if you can, for example, fit statistical models in R or solve differential equations in Julia, and then display your results using browser APIs. If bringing these languages to the web interests you, please reach out — in particular, we’d love help from FORTRAN and LLVM experts.

Export notebook archive

Early versions of Iodide were self-contained runnable HTML files, which included both the JSMD code used in the analysis, and the JS code used to run Iodide itself, but we’ve moved away from this architecture. Later experiments have convinced us that the collaboration benefits of having an Iodide server outweigh the advantages of managing files on your local system. Nonetheless, these experiments showed us that it’s possible to take a runnable snapshot of an Iodide notebook by inling the Iodide code along with any data and libraries used by a notebook into one big HTML file. This might end up being a bigger file than you’d want to serve to regular users, but it could prove useful as a perfectly reproducible and archivable snapshot of an analysis.

Iodide to text editor browser extension

While many scientists are quite used to working in browser-based programming environments, we know that some people will never edit code in anything [42]other than their favorite text editor. We really want Iodide to meet people where they are already, including those who prefer to type their code in another editor but want access to the interactive and iterative features that Iodide provides. To serve that need, we’ve started thinking about creating a lightweight browser extension and some simple APIs to let Iodide talk to client-side editors.

Feedback and collaboration welcome!

We’re not trying to solve all the problems of data science and scientific computing, and we know that Iodide will not be everyone’s cup of tea. If you need to process terabytes of data on GPU clusters, Iodide probably doesn’t have much to offer you. If you are publishing journal articles and you just need to write up a LaTeX doc, then there are better tools for your needs. If the whole trend of bringing things into the browser makes you cringe a little, no problem — there are a host of really amazing tools that you can use to do science, and we’re thankful for that! We don’t want to change the way anyone works, and for many scientists web-focused communication is beside the point. Rad! Live your best life!

But for those scientists who do produce content for the web, and for those who might like to do so if you had tools designed to support the way you work: we’d really love to hear from you!

Please visit [43]iodide.io, try it out, and give us feedback (but again: keep in mind that this project is in alpha phase — please don’t use it for any critical work, and please be aware that while we’re in alpha everything is subject to change). You can [44]take our quick survey, and [45]Github issues and bug reports are very welcome. Feature requests and thoughts on the overall direction can be shared via our [46]Google group or [47]Gitter.

If you’d like to get involved in helping us build Iodide, [48]we’re open source on Github. Iodide touches a wide variety of software disciplines, from modern frontend development to scientific computing to compilation and transpilation, so there are a lot of interesting things to do! Please reach out if any of this interests you!

Huge thanks to [49]Hamilton Ulmer, [50]William Lachance, and [51]Mike Droettboom for their great work on Iodide and for reviewing this article.

References

Visible links
1. http://iodide.io/
2. http://iodide.io/notebooks/34/?viewMode=report
3. https://www.linkedin.com/pulse/arent-any-typos-essay-we-launched-too-late-reid-hoffman/
4. https://iodide.io/tryit
5. https://jupyter.org/
6. https://www.rstudio.com/
7. https://hal.archives-ouvertes.fr/hal-01676633/document
9. https://hackernoon.com/how-it-feels-to-learn-javascript-in-2016-d3a717dd577f
10. https://developer.mozilla.org/en-US/docs/Web/API/Document_Object_Model
11. https://developer.mozilla.org/en-US/docs/Web/API/WebGL_API
12. https://developer.mozilla.org/en-US/docs/Web/API/Canvas_API
13. https://developer.mozilla.org/en-US/docs/Web/API/WebVR_API
14. https://webassembly.org/
15. https://hacks.mozilla.org/2017/07/webassembly-for-native-games-on-the-web/
16. https://github.com/likr/emlapack
17. https://github.com/mljs/libsvm
18. https://github.com/stdlib-js/stdlib
19. https://www.npmjs.com/package/cephes
20. https://www.youtube.com/embed/TwuIRcpeUWE?feature=oembed
21. https://reactjs.org/docs/introducing-jsx.html
22. https://flow.org/
23. https://github.com/antimatter15/babel-experiments/tree/master/watlab
24. https://github.com/tc39/proposals
25. https://iodide.io/tryit
28. https://iodide.io/notebooks/34/?viewMode=report
29. https://iodide.io/notebooks/337/?viewMode=report
30. http://iodide.io/notebooks/194/?viewMode=report
31. http://iodide.io/
32. https://research.mozilla.org/webassembly/
33. https://github.com/mdboom
34. https://github.com/activityhistory/jupyter_on_github/blob/master/notebooks/9_notebook_clustering.ipynb
35. https://www.nexedi.com/
36. https://github.com/iodide-project/pyodide/tree/master/packages
38. https://d3js.org/
39. https://iodide.io/notebooks/300
40. https://github.com/iodide-project/pyodide
41. https://iodide-project.github.io/docs/jsmd/
42. https://blog.harterrt.com/coding_in_textboxes.html
43. https://extremely-alpha.iodide.io/
44. https://qsurvey.mozilla.com/s3/scientific-computing-survey
45. https://github.com/iodide-project/iodide/issues/new
46. https://groups.google.com/forum/#!forum/iodide-dev
47. https://gitter.im/iodide-project/iodide
48. https://github.com/iodide-project/iodide
49. https://github.com/hamilton
50. https://wrla.ch/
51. https://github.com/mdboom

HackerNewsBot debug: Calculated post rank: 84 - Loop: 179 - Rank min: 80 - Author rank: 78

Launch HN: Axdraft (YC W19) - Legal documents for startups in minutes

Hi HN! We are Yuriy and Oleg, founders of Axdraft (https://business.axdraft.com/en/business). Axdraft offers free legal documents for startups.

We have built Axdraft, because we believe that sometimes founders don’t need 20-page ironclad contract, 2 weeks of negotiations and detailed explanation of all risks. On early stages you just want to have a good, balanced agreement fast to move the deal forward while it's hot. The biggest difficulty here is that lawyers push us to perceive contracts as unique and, therefore, not possible to automate. Usually, by saying unique, they mean that there are 20-50 possible variations of a clause in the contract.

We are a team of brothers, who combine legal and tech expertise, Yuriy was a lawyer for almost 8 years at one of top law firms in Europe and when he started noticing that even the most complex legal transactions have many patterns, he reached out to his brother Oleg, who at that time was Senior Software Engineer at Booking.com in Amsterdam.

We teamed up to try to figure out and automate most common variations and allow any young startup, as ourselves to draft a document, which they need now. We spoke to about 100 founders and came up with a list of top-6 contracts startups use, including: (1) NDA; (2) Pilot agreement; (3) Services agreement; (4) SaaS agreement; (5) SAFE; and (6) Employee onboarding. We are already working on Terms of Service, Privacy Policy, Founders Agreement and LoI, which are top-4 documents requested by users. We will be more than happy to add other documents upon your request.

Our main differences compared to Clerky, LegalZoom, RocketLawyer and similar solutions are:

• we focus on startups, which makes the content more tailored; 2. we offer documents for free, because I see little value in the legal document itself. The main value of a lawyer, in our view, is in counseling, sharing the liability and providing you assurances; 3. we offer plain English description of the implications for each choice you are offered when drafting a document; 4. to use Axdraft you don’t have to register, because we want to create flawless and super-fast experience for founders to create legal documents; 5. we are happy to customize documents of registered users with their logos, company details and some custom language upon request.

We intend to monetize Axdraft by giving an option for startups to submit any document drafted with Axdraft or a document they received from third party for approval or review by a lawyer for a small fixed fee, which would still be much more affordable than engaging a law firm.

Currently, we offer founder to founder review, which is not a legal review at all, but more a business advice from a fellow founder, who is eager to share his experience with similar contracts.

We estimate the market for this product to be less than 1 bln USD at the moment, but we expect it to grow as the number of startups founded each year increases and as we expand into a larger 7 bln USD market of small businesses (under 20 employees) in the US.

We are really excited to hear your feedback about Axdraft. Please try it out at https://business.axdraft.com (registration is not required) and let us know what you think.

HN Discussion: https://news.ycombinator.com/item?id=19372623
Posted by yuriy_zaremba (karma: 61)
Post stats: Points: 144 - Comments: 55 - 2019-03-12T20:24:47Z

\#HackerNews #axdraft #documents #for #launch #legal #minutes #startups #w19
HackerNewsBot debug: Calculated post rank: 114 - Loop: 356 - Rank min: 100 - Author rank: 21

Boeing 737 Max pilots complained to feds for months about suspected safety flaw

Pilots repeatedly voiced safety concerns about the Boeing 737 Max 8 to federal authorities, with one captain calling the flight manual inadequate...
Article word count: 1071

HN Discussion: https://news.ycombinator.com/item?id=19373216
Posted by mbgaxyz (karma: 3261)
Post stats: Points: 150 - Comments: 53 - 2019-03-12T21:26:24Z

\#HackerNews #737 #about #boeing #complained #feds #flaw #for #max #months #pilots #safety #suspected

---

Article content:




Pilots repeatedly voiced safety concerns about the Boeing 737 Max 8 to federal authorities, with one captain calling the flight manual "inadequate and almost criminally insufficient" several months before Sundayʼs Ethiopian Air crash that killed 157 people, an investigation by The Dallas Morning News found.

The News found at least five complaints about the Boeing model in a federal database where pilots can voluntarily report about aviation incidents without fear of repercussions.

The complaints are about the safety mechanism cited in [1]preliminary reports for an October plane crash in Indonesia that killed 189.

The disclosures found by The News reference problems during Boeing 737 Max 8 flights with an autopilot system, and they all occurred while trying to gain altitude during takeoff -- many mentioned the plane turning nose down suddenly. While records show these flights occurred during October and November, the information about which airlines the pilots were flying for is redacted from the database.

Records show a captain who flies the Max 8 complained in November that it was "unconscionable" that the company and federal authorities allowed pilots to fly the planes without adequate training or fully disclosing information about how its systems were different from other planes.

The captainʼs complaint was logged after the FAA released [2]an emergency airworthiness directive about the Boeing 737 Max 8 in response to the crash of Lion Air Flight 610 in Indonesia.

An FAA spokesman said the reports found by The News were filed directly to NASA, which serves as a neutral third party for reporting purposes.

Tuesday evening, the agency issued a statement from Administrator Daniel K. Elwell, saying it "continues to review extensively all available data and aggregate safety performance from operators and pilots of the Boeing 737 MAX."

"Thus far, our review shows no systemic performance issues and provides no basis to order grounding the aircraft. Nor have other civil aviation authorities provided data to us that would warrant action," Elwell said in the statement.

A [3]federal audit in 2014 said that the FAA does not collect and analyze its voluntary disclosure reporting in a way that would effectively identify national safety risks.

[4]American and Southwest will still fly Boeing 737 Max as airlines ground planes

U.S. regulators are mandating that Boeing upgrade the planeʼs software by April but have so far declined to ground the planes. China, Australia and the European Union have grounded the 737 Max 8, leaving the U.S. and Canada as the only two countries flying a substantial number of the aircraft.

Sen. Ted Cruz (R-Texas), who leads a Senate subcommittee overseeing aviation, said in a statement Tuesday that U.S. authorities should ground the planes.

"Further investigation may reveal that mechanical issues were not the cause, but until that time, our first priority must be the safety of the flying public," Cruz said.

At least 18 carriers — including American Airlines and Southwest Airlines, the two largest U.S. carriers flying the 737 Max 8 — have also declined to ground planes, saying they are confident in the safety and "airworthiness" of their fleets. American and Southwest have 24 and 34 of the aircraft in their fleets, respectively.

"The United States should be leading the world in aviation safety," said John Samuelsen, the president of a union representing transport workers that called Tuesday for the planes to be grounded. "And yet, because of the lust for profit in the American aviation, weʼre still flying planes that dozens of other countries and airlines have now said need to be grounded."

The fifth complaint from the captain who called into question the 737 Max 8ʼs flight manual ended: "The fact that this airplane requires such jury-rigging to fly is a red flag. Now we know the systems employed are error-prone — even if the pilots arenʼt sure what those systems are, what redundancies are in place and failure modes. I am left to wonder: what else donʼt I know?"

The Maneuvering Characteristics Augmentation System (MCAS) was included on the Max 8 model aircraft as a safety mechanism that would automatically correct a plane entering a stall pattern. If the plane loses lift under its wings during takeoff and the nose begins to point far upward, the system kicks in and automatically pushes the nose of the plane down.

After the Lion Air crash, the FAA issued an airworthiness directive that said: "This condition, if not addressed, could cause the flight crew to have difficulty controlling the airplane, and lead to excessive nose-down attitude, significant altitude loss, and possible impact with terrain."

Officials have not yet determined what caused Ethiopian Airlines Flight 302 to nosedive into the ground on Sunday, but many experts have noted similarities between this weekʼs crash and the one in Indonesia.

A spokesperson for Dallas-based Southwest Airlines told The News that it hasnʼt received any reports of issues with MCAS from its pilots, "nor do any of our thousands of data points from the aircraft indicate any issues with MCAS."

Fort Worth-based American Airlines did not respond to questions from The News.

The FAA issued a statement to The News Tuesday afternoon that said that it is "collecting data and keeping in contact with international civil aviation authorities as information becomes available."

"The FAA continuously assesses and oversees the safety performance of U.S. commercial aircraft. If we identify an issue that affects safety, the FAA will take immediate and appropriate action."

Jon Weaks, president of the Southwest Airlines Pilots Association, said in a press release Monday night: "We fully support Southwest Airlinesʼ decision to continue flying the MAX and the FAAʼs findings to date."

Boeing, which posted a record $101 billion in revenue last year, issued a new statement Tuesday saying that no grounding of planes was necessary. "Based on the information currently available, we do not have any basis to issue new guidance to operators," the company said.

Samuelsen of the transport workers union said itʼs "unconscionable" that the FAA has not yet grounded the planes in the U.S., given the number of deaths that have occurred.

"This pressure should not be on these pilots to overcome an engineering flaw that Boeing themselves acknowledges," said Samuelsen.

How can I check whether my flight is on a 737 Max?

If you already have a ticket, you should be able to tell from the booking details. If you are making a booking online, many sites indicate the model. If not, websites such as [5]http://flightstats.com allow you to dig into details of flights at least a few days in advance, including the make and type.

Bloomberg News

References

Visible links
1. http://knkt.dephub.go.id/knkt/ntsc_aviation/baru/pre/2018/2018%20-%20035%20-%20PK-LQP%20Preliminary%20Report.pdf
2. http://rgl.faa.gov/Regulatory_and_Guidance_Library/rgad.nsf/0/fe8237743be9b8968625835b004fc051/$FILE/2018-23-51_Correction.pdf
3. https://www.oig.dot.gov/sites/default/files/FAA%E2%80%99s%20Oversight%20of%20the%20Voluntary%20Disclosure%20Reporting%20Program%5E4-10-14.pdf
4. https://www.dallasnews.com/business/airlines/2019/03/11/american-southwest-will-still-fly-boeing-737-max-airlines-ground-planes
5. http://flightstats.com/

HackerNewsBot debug: Calculated post rank: 117 - Loop: 66 - Rank min: 100 - Author rank: 39

“HackerNoon is leaving Medium, but also trying to take rights for people's work”

“So HackerNoon is quietly leaving Medium, but also trying to take the rights for thousands of people's work with them and shit's going down... First an unsolicited email asking for license to my work,…
Article word count: 672

HN Discussion: https://news.ycombinator.com/item?id=19371214
Posted by waffle_ss (karma: 8409)
Post stats: Points: 123 - Comments: 76 - 2019-03-12T18:12:30Z

\#HackerNews #also #but #for #hackernoon #leaving #medium #peoples #rights #take #trying #work

---

Article content:



[1] [IMG][2]Owen Williams ⚡‏Verified account @ow [3]8h8 hours ago
\* 
\* 
So HackerNoon is quietly leaving Medium, but also trying to take the rights for thousands of peopleʼs work with them and shitʼs going down... First an unsolicited email asking for license to my work, then Medium explaining that they canʼt force you to do that.[4]pic.twitter.com/WbTqzYC23p

[5] [IMG][6]Owen Williams ⚡‏Verified account @ow [7]7h7 hours ago
\* 
\* 
HackerNoonʼs CEO [8]@davidsmooke just emailed and said they donʼt actually want an unlimited license to anyoneʼs content, just a non-exclusive one and will clarify it. Theyʼre moving off because: - Medium halted their revenue stream last year - It no longer supports publications

Show this thread
[9] [IMG][10]Blair Reeves‏ @BlairReeves [11]7h7 hours ago
\* 
\* 
Replying to [12]@ow

Always, always, always own your own platform.[13]http://blairreeves.me/2019/03/08/taking-control-of-your-internet/ …

[14] [IMG][15]Owen Williams ⚡‏Verified account @ow [16]7h7 hours ago
\* 
\* 
Replying to [17]@BlairReeves

I own my own platform, but itʼs becoming exceedingly rare given how much complexity it involves.

[18] [IMG][19]Blair Reeves‏ @BlairReeves [20]7h7 hours ago
\* 
\* 
Replying to [21]@ow

I agree that it’s becoming rarer, but I think many folks believe it’s harder than it really is! I wish more people would try it.[22]http://blairreeves.me/2019/01/10/yes-you-should-blog/ …

[23] [IMG][24]Ian Nuttall ☠️‏ @iannuttall [25]7h7 hours ago
\* 
\* 
Replying to [26]@ow

I donʼt think they are trying to take the rights to your work. Seems like itʼs still your content wherever they go, it just wonʼt be on Medium?

[27] [IMG][28]Owen Williams ⚡‏Verified account @ow [29]7h7 hours ago
\* 
\* 
Replying to [30]@iannuttall

they are trying to fully/entirely license it to publish on their own platform. They never had that at all on Medium.

[31] [IMG][32]Ian Nuttall ☠️‏ @iannuttall [33]7h7 hours ago
\* 
\* 
Replying to [34]@ow

I obviously donʼt know what their terms say but from screenshot it says itʼs still your content. If the terms are vastly different to Medium then thatʼs not cool

[35] [IMG][36]David Smooke‏ @DavidSmooke [37]2h2 hours ago
\* 
\* 
Replying to [38]@iannuttall [39]@ow

Hey [40]@iannuttall and [41]@ow, we are trying to make a simple non-exclusive license. We’ve taken your feedback on the existing ToS for Hacker Noon and will be updating that soon. We are independent writers and curators ourselves, so we have no interest in owning your content.

[42] [IMG][43]Brad Sams‏Verified account @bdsams [44]8h8 hours ago
\* 
\* 
Replying to [45]@ow

friendly reminder that if you donʼt own the platform you dont own the content.

[46] [IMG][47]Torch 👨‍💻‏ @torchatlas [48]7h7 hours ago
\* 
\* 
Replying to [49]@bdsams [50]@ow

Unless the platform says otherwise

[51] [IMG][52]Brad Sams‏Verified account @bdsams [53]7h7 hours ago
\* 
\* 
Replying to [54]@torchatlas [55]@ow

until they change their mind

[56] [IMG] [57]👀 Yury Molodtsov‏ @y_molodtsov [58]7h7 hours ago
\* 
\* 
Replying to [59]@bdsams [60]@torchatlas [61]@ow

You still own it unless you accept new user agreement.

[62] [IMG][63]Geet Khosla‏ @geetkhosla [64]8h8 hours ago
\* 
\* 
Replying to [65]@ow

Why are they doing that?

[66] [IMG][67]David Smooke‏ @DavidSmooke [68]2h2 hours ago
\* 
\* 
Replying to [69]@geetkhosla [70]@ow

David Smooke Retweeted David Smooke

Hey [71]@geetkhosla, working with mediumʼs content management system was no longer a viable business and we are listening to community to improve terms. More info.[72]https://twitter.com/DavidSmooke/status/1105520864043261953 …

David Smooke added,

David Smooke @DavidSmooke
Hey Internet [73]👋 What a day/night in the life! Thank you everyone for your feedback. [74]👇 [75]👇 [76]👇 pic.twitter.com/zU6Kmu7eCo
[77] [IMG][78]Ian Misner‏ @IanMisner [79]8h8 hours ago
\* 
\* 
Replying to [80]@ow

I donʼt even know who to side with

[81] [IMG][82]Dean Praetorius‏Verified account @DeanPraetorius [83]5h5 hours ago
\* 
\* 
Replying to [84]@ow

is this what divorce feels like?

[85] [IMG] [86]⚡️ Lucy‏ @vonStrum [87]7h7 hours ago
\* 
\* 
Replying to [88]@ow

What? I’ve also had an article published on Hacker Noon. This is bull!

[89] [IMG][90]David Smooke‏ @DavidSmooke [91]2h2 hours ago
\* 
\* 
Replying to [92]@vonStrum [93]@ow

Hey [94]@vonStrum weʼre trying to make a simple non-exclusive license, and have listened to feedback on the existing ToS for Hacker Noon so that we we can update & improve it soon. You can also remove content any time. We are independent curators w/ no interest in owning your content

[95] [IMG][96]Syllable‏ @syllablehq [97]2h2 hours ago
\* 
\* 
Replying to [98]@ow

Syllable recently switched our blog from Medium to [99]@tryghost and was quite impressed. Definitely recommended. Hereʼs Syllableʼs new self-hosted blog that we built on Ghost.[100]https://blog.syllablehq.com/

[101] [IMG][102]anthony‏ @ordietrying [103]2h2 hours ago
\* 
\* 
Replying to [104]@ow

“If you don’t own your masters, your masters own you.” – Prince

References

Visible links
1. https://twitter.com/ow
2. https://twitter.com/ow
3. https://twitter.com/ow/status/1105450808580231170
4. https://t.co/WbTqzYC23p
5. https://twitter.com/ow
6. https://twitter.com/ow
7. https://twitter.com/ow/status/1105462220517969920
8. https://twitter.com/DavidSmooke
9. https://twitter.com/BlairReeves
10. https://twitter.com/BlairReeves
11. https://twitter.com/BlairReeves/status/1105454968323092480
12. https://twitter.com/ow
13. https://t.co/PERYSWuWab
14. https://twitter.com/ow
15. https://twitter.com/ow
16. https://twitter.com/ow/status/1105455197650739200
17. https://twitter.com/BlairReeves
18. https://twitter.com/BlairReeves
19. https://twitter.com/BlairReeves
20. https://twitter.com/BlairReeves/status/1105456096616108032
21. https://twitter.com/ow
22. https://t.co/jQiwklZrwX
23. https://twitter.com/iannuttall
24. https://twitter.com/iannuttall
25. https://twitter.com/iannuttall/status/1105453400521654276
26. https://twitter.com/ow
27. https://twitter.com/ow
28. https://twitter.com/ow
29. https://twitter.com/ow/status/1105454870021226501
30. https://twitter.com/iannuttall
31. https://twitter.com/iannuttall
32. https://twitter.com/iannuttall
33. https://twitter.com/iannuttall/status/1105460605933232129
34. https://twitter.com/ow
35. https://twitter.com/DavidSmooke
36. https://twitter.com/DavidSmooke
37. https://twitter.com/DavidSmooke/status/1105531202855788545
38. https://twitter.com/iannuttall
39. https://twitter.com/ow
40. https://twitter.com/iannuttall
41. https://twitter.com/ow
42. https://twitter.com/bdsams
43. https://twitter.com/bdsams
44. https://twitter.com/bdsams/status/1105451088361197569
45. https://twitter.com/ow
46. https://twitter.com/torchatlas
47. https://twitter.com/torchatlas
48. https://twitter.com/torchatlas/status/1105455192542142464
49. https://twitter.com/bdsams
50. https://twitter.com/ow
51. https://twitter.com/bdsams
52. https://twitter.com/bdsams
53. https://twitter.com/bdsams/status/1105457545831956480
54. https://twitter.com/torchatlas
55. https://twitter.com/ow
56. https://twitter.com/y_molodtsov
57. https://twitter.com/y_molodtsov
58. https://twitter.com/y_molodtsov/status/1105459594887905287
59. https://twitter.com/bdsams
60. https://twitter.com/torchatlas
61. https://twitter.com/ow
62. https://twitter.com/geetkhosla
63. https://twitter.com/geetkhosla
64. https://twitter.com/geetkhosla/status/1105451271371321344
65. https://twitter.com/ow
66. https://twitter.com/DavidSmooke
67. https://twitter.com/DavidSmooke
68. https://twitter.com/DavidSmooke/status/1105536902336176128
69. https://twitter.com/geetkhosla
70. https://twitter.com/ow
71. https://twitter.com/geetkhosla
72. https://t.co/3Pro3eeGsK
77. https://twitter.com/IanMisner
78. https://twitter.com/IanMisner
79. https://twitter.com/IanMisner/status/1105451299166924800
80. https://twitter.com/ow
81. https://twitter.com/DeanPraetorius
82. https://twitter.com/DeanPraetorius
83. https://twitter.com/DeanPraetorius/status/1105494779981426690
84. https://twitter.com/ow
85. https://twitter.com/vonStrum
86. https://twitter.com/vonStrum
87. https://twitter.com/vonStrum/status/1105459581084418048
88. https://twitter.com/ow
89. https://twitter.com/DavidSmooke
90. https://twitter.com/DavidSmooke
91. https://twitter.com/DavidSmooke/status/1105536115979612160
92. https://twitter.com/vonStrum
93. https://twitter.com/ow
94. https://twitter.com/vonStrum
95. https://twitter.com/syllablehq
96. https://twitter.com/syllablehq
97. https://twitter.com/syllablehq/status/1105540268558876672
98. https://twitter.com/ow
99. https://twitter.com/TryGhost
100. https://t.co/HDtzUeozlS
101. https://twitter.com/ordietrying
102. https://twitter.com/ordietrying
103. https://twitter.com/ordietrying/status/1105537949645578242
104. https://twitter.com/ow

HackerNewsBot debug: Calculated post rank: 107 - Loop: 173 - Rank min: 100 - Author rank: 125

Amazon AWS to Maintain "Open Distro for Elastic Search" due to licensing issues

At AWS, we focus on solving problems for customers. Over the years, customer usage and dependencies on open source technologies have been steadily increasing; this is why we’ve long been committed to…

HN Discussion: https://news.ycombinator.com/item?id=19363961
Posted by dy (karma: 1086)
Post stats: Points: 99 - Comments: 82 - 2019-03-11T23:34:44Z

\#HackerNews #amazon #aws #distro #due #elastic #for #issues #licensing #maintain #open #search

---

Article content:




[1]photo by Adrian Cockcroft taken at Petra March 10, 2019.

At AWS, we focus on solving problems for customers. Over the years, customer usage and dependencies on open source technologies have been steadily increasing; this is why we’ve long been committed to open source, and our pace of contributions to open source projects – both our own and others’ – continues to accelerate.

When AWS launches a service based on an open source project, we are making a long-term commitment to support our customers. We contribute bug fixes, security, scalability, performance, and feature enhancements back to the community. For example, we have been a significant contributor to Apache Lucene, which powers Amazon Elasticsearch Service. The Amazon EMR team has been making contributions to the Hadoop ecosystem for many years, and the Amazon Elastic Container Service for Kubernetes (EKS) team has been contributing to Kubernetes. We also invest in open source communities, [2]training developers and operators, and sponsor open source events and conferences such as ApacheCon and KubeCon, and recently increased our support of the [3]Apache Software Foundation. Marketing support helps communities by growing the number of end users and contributors, and accelerates the adoption of open source projects.

Many reasons drive our active participation in open source communities: First, it’s important to support healthy communities so that projects continue to develop and stay relevant. Second, maintaining an internal forked version of a project causes extra wasted effort, and can delay releasing updates to services as merges are made. Third, releasing new ideas as open source gathers others around the ideas to help move them into the mainstream. Fourth, open source collaboration across companies and academic institutions has produced some of the most significant breakthroughs in areas like Artificial Intelligence.

To get these benefits, customers must be able to trust that open source projects stay open. The maintainers of open source projects have the responsibility of keeping the source distribution open to everyone and not changing the rules midstream. When important open source projects that AWS and our customers depend on begin restricting access, changing licensing terms, or intermingling open source and proprietary software, we will invest to sustain the open source project and community. For example, recently there was increased concern from our customers that Oracle would stop supporting the version of Java that customers relied upon, or change the licensing terms, and customers had good reason to be concerned. We [4]responded by offering the [5]Corretto project, a no-cost, multi-platform, production-ready distribution of OpenJDK from Amazon. We invested to provide long-term consistency and confidence by committing that Amazon will distribute security updates to Corretto 8 at no cost until at least June, 2023, and to Corretto 11 until at least August, 2024. Corretto is a free, supported distribution that the community can now depend on while in parallel we continue to support and make contributions directly to OpenJDK.

Unfortunately, we are seeing other examples where open source maintainers are muddying the waters between the open source community and the proprietary code they create to monetize the open source. At AWS, we believe that maintainers of an open source project have a responsibility to ensure that the primary open source distribution remains open and free of proprietary code so that the community can build on the project freely, and the distribution does not advantage any one company over another. This was part of the promise the maintainer made when they gained developers’ trust to adopt the software. When the core open source software is completely open for anyone to use and contribute to, the maintainer (and anyone else) can and should be able to build proprietary software to generate revenue. However, it should be kept separate from the open source distribution in order to not confuse downstream users, to maintain the ability for anyone to innovate on top of the open source project, and to not create ambiguity in the licensing of the software or restrict access to specific classes of users.

If we look closely at many successful open source projects, they have all benefited from access to unfettered open source software. In fact, arguably those projects would not exist today without an ability to quickly assemble and innovate on top of pre-existing open source software. For example, a significant enabler to Elasticsearch is the Apache Lucene project, an Apache Software Foundation project which predates Elasticsearch by 11 years. Elasticsearch also leverages many additional permissively licensed open source projects such as the Jackson project for JSON parsing, Netty as the web container, and many more. The point being that open source software enables individuals and businesses to innovate faster, and downstream consumers depend on that ability. When maintainers insert confusion regarding the long-term viability of the open source, it impacts all downstream consumers.

Elasticsearch has played a key role in democratizing analytics of machine-generated data. It has become increasingly central to the day-to-day productivity of developers, security analysts, and operations engineers worldwide. Its permissive Apache 2.0 license enabled it to gain adoption quickly and allowed unrestricted use of the software. Unfortunately, since June 2018, we have witnessed significant intermingling of proprietary code into the code base. While an Apache 2.0 licensed download is still available, there is an extreme lack of clarity as to what customers who care about open source are getting and what they can depend on. For example, neither release notes nor documentation make it clear what is open source and what is proprietary. Enterprise developers may inadvertently apply a fix or enhancement to the proprietary source code. This is hard to track and govern, could lead to breach of license, and could lead to immediate termination of rights (for both proprietary free and paid). Individual code commits also increasingly contain both open source and proprietary code, making it very difficult for developers who want to only work on open source to contribute and participate. In addition, the innovation focus has shifted from furthering the open source distribution to making the proprietary distribution popular. This means that the majority of new Elasticsearch users are now, in fact, running proprietary software. We have discussed our concerns with Elastic, the maintainers of Elasticsearch, including offering to dedicate significant resources to help support a community-driven, non-intermingled version of Elasticsearch. They have made it clear that they intend to continue on their current path.

Meanwhile, we have gotten feedback from customers and partners that these changes are concerning to them as well. It has created uncertainty about the longevity of the open source project as it is getting less innovation focus. Customers also want the freedom to run the software anywhere and self-support at any point in time if they need to. We have therefore decided to partner with others such as Expedia Group and Netflix to create a new open source distribution of Elasticsearch named “Open Distro for Elasticsearch.” Open Distro for Elasticsearch is a value-added distribution that is 100% open source, which will be focused on driving innovation with value-added features to ensure users have a feature-rich option that is fully open source.

“Open source software and the freedoms it provides are important to Expedia Group,” said Subbu Allamaraju, VP Cloud Architecture at Expedia Group. “We are excited about the Open Distro for Elasticsearch initiative, which aims to accelerate the feature set available to open source Elasticsearch users like us. This initiative also helps in reassuring our continued investment in the technology.”

“At Netflix, we are committed to open source. We are both major users and contributors to open source,” said Christian Kaiser, VP Platform Engineering at Netflix. “Open Distro for Elasticsearch will allow us to freely contribute to an Elasticsearch distribution, that we can be confident will remain open source and community-driven.”

As was the case with Java and OpenJDK, our intention is not to fork Elasticsearch, and we will be making contributions back to the Apache 2.0-licensed Elasticsearch upstream project as we develop add-on enhancements to the base open source software. In the first release, we will include many new advanced but completely open source features including encryption-in-transit, user authentication, detailed auditing, granular roles-based access control, event monitoring and alerting, deep performance analysis, and SQL support.

The new advanced features of Open Distro for Elasticsearch are all Apache 2.0 licensed. With the first release, our goal is to address many critical features missing from open source Elasticsearch, such as security, event monitoring and alerting, and SQL support. We think these features will be exciting and valuable to developers and will encourage them to download, collaborate, and ultimately, contribute to the community. Many of these features are ones that we have been working on for inclusion in Amazon Elasticsearch Service. Open Distro for Elasticsearch enables users to run the same feature-rich distribution anywhere they wish, such as on-premises, on laptops, or in the cloud.

Our aim for Open Distro for Elasticsearch is to provide developers with the freedom to contribute to open source value-added features on top of the Apache 2.0-licensed Elasticsearch upstream project. We plan to contribute patches to the open source Elasticsearch base back upstream for the benefit of all. Open Distro for Elasticsearch will welcome developers and contributors from across the industry to invest in these important technologies with the confidence that they will always remain open source and permissively licensed. The whole idea of open source is that multiple users and companies can put it to work and everyone can contribute to its improvement. Open Distro for Elasticsearch is consistent with our commitment to make the necessary investments to keep open source truly open and enable anyone to benefit from our contributions.

You can download, begin using, and contribute to Open Distro for Elasticsearch today. The security features available in this initial release include encryption-in-transit, native Active Directory, LDAP, and OpenID authentication, roles-based and granular access control, and audit logging. Other key features include integrated event monitoring and alerting that opens up the full flexibility of the Elasticsearch query language to notify you of changes in your data, SQL support including REST and JDBC support, and an advanced performance analyzer. To download and learn more about Open Distro for Elasticsearch, visit [6]https://opendistro.github.io/for-elasticsearch/.

For more details, see Jeff Barr’s post [7]New – Open Distro for Elasticsearch.

[8]한국어 번역

photo credit: taken by Adrian Cockcroft at Petra, March 10, 2019

References

Visible links
2. https://github.com/aws-samples/aws-workshop-for-kubernetes
3. https://aws.amazon.com/blogs/opensource/supporting-apache-software-foundation/
4. https://aws.amazon.com/blogs/opensource/amazon-corretto-no-cost-distribution-openjdk-long-term-support/
5. https://aws.amazon.com/corretto/
6. https://opendistro.github.io/for-elasticsearch/
7. https://aws.amazon.com/blogs/aws/new-open-distro-for-elasticsearch/
8. https://aws.amazon.com/ko/blogs/korea/keeping-open-source-open-open-distro-for-elasticsearch/

HackerNewsBot debug: Calculated post rank: 93 - Loop: 125 - Rank min: 80 - Author rank: 60

Facebook backtracks after removing Warren ads calling for Facebook breakup

A Facebook spokesperson said the company is in the process of restoring the ads.
Article word count: 369

HN Discussion: https://news.ycombinator.com/item?id=19363561
Posted by edward (karma: 21814)
Post stats: Points: 117 - Comments: 84 - 2019-03-11T22:38:16Z

\#HackerNews #ads #after #backtracks #breakup #calling #facebook #for #removing #warren

---

Article content:




[1]Elizabeth Warren

Facebook removed several ads placed by Sen. Elizabeth Warren’s presidential campaign that called for the breakup of Facebook and other tech giants.

But the social network later reversed course after POLITICO reported on the takedown, with the company saying it wanted to allow for "robust debate."

Story Continued Below

The ads, which had identical images and text, touted Warrenʼs [2]recently announced plan to unwind "anti-competitive" tech mergers, including Facebook’s acquisition of WhatsApp and Instagram.

“Three companies have vast power over our economy and our democracy. Facebook, Amazon, and Google," read the ads, which Warrenʼs campaign had placed Friday. "We all use them. But in their rise to power, they’ve bulldozed competition, used our private information for profit, and tilted the playing field in their favor.”

A message on the three ads said: “This ad was taken down because it goes against Facebookʼs advertising policies.”

By signing up you agree to receive email newsletters or alerts from POLITICO. You can unsubscribe at any time.

A Facebook spokesperson confirmed the ads had been taken down but said the company is in the process of restoring them.

“We removed the ads because they violated our policies against use of our corporate logo," the spokesperson said. "In the interest of allowing robust debate, we are restoring the ads.”

Warren swiped at Facebook over the removal, citing it as evidence the company has grown too powerful.

"Curious why I think FB has too much power? Letʼs start with their ability to shut down a debate over whether FB has too much power," she [3]tweeted. "Thanks for restoring my posts. But I want a social media marketplace that isnʼt dominated by a single censor."

More than a dozen other Facebook ads from Warren about her tech proposal were not affected.

The Massachusetts Democrat has staked out an aggressive stance toward Silicon Valleyʼs biggest companies, going further than many of the other Democratic 2020 candidates.

The affected ads, which included a video, directed users to a petition on Warren’s campaign website urging them “to support our plan to break up these big tech companies.”

The ads were limited in size and reach, with each costing under $100, according to disclosure details listed online.

Jump to sidebar section

References

Visible links
2. https://www.politico.com/story/2019/03/08/warren-amazon-google-facebook-2829526
3. https://twitter.com/ewarren/status/1105256905058979841

HackerNewsBot debug: Calculated post rank: 106 - Loop: 111 - Rank min: 100 - Author rank: 73

Nvidia to Acquire Mellanox for $6.9B

NVIDIA and Mellanox today announced that the companies have reached a definitive agreement under which NVIDIA will acquire Mellanox.
Article word count: 2576

HN Discussion: https://news.ycombinator.com/item?id=19358062
Posted by vostok4 (karma: 73)
Post stats: Points: 132 - Comments: 69 - 2019-03-11T11:15:05Z

\#HackerNews #69b #acquire #for #mellanox #nvidia

---

Article content:
\* Unites leaders in processing and interconnect for the high performance computing market
\* Builds on the companies’ long history of collaboration and joint innovation
\* Expected to be accretive to NVIDIA’s non-GAAP gross margin, non-GAAP EPS and free cash flow immediately after close
NVIDIA and Mellanox today announced that the companies have reached a definitive agreement under which NVIDIA will acquire Mellanox. Pursuant to the agreement, NVIDIA will acquire all of the issued and outstanding common shares of Mellanox for $125 per share in cash, representing a total enterprise value of approximately $6.9 billion. Once complete, the combination is expected to be immediately accretive to NVIDIA’s non-GAAP gross margin, non-GAAP earnings per share and free cash flow.

The acquisition will unite two of the world’s leading companies in high performance computing (HPC). Together, NVIDIA’s computing platform and Mellanox’s interconnects power over 250 of the world’s TOP500 supercomputers and have as customers every major cloud service provider and computer maker.

The data and compute intensity of modern workloads in AI, scientific computing and data analytics is growing exponentially and has put enormous performance demands on hyperscale and enterprise datacenters. While computing demand is surging, CPU performance advances are slowing as Moore’s law has ended. This has led to the adoption of accelerated computing with NVIDIA GPUs and Mellanox’s intelligent networking solutions.

Datacenters in the future will be architected as giant compute engines with tens of thousands of compute nodes, designed holistically with their interconnects for optimal performance.

An early innovator in high-performance interconnect technology, Mellanox pioneered the InfiniBand interconnect technology, which along with its high-speed Ethernet products is now used in over half of the world’s fastest supercomputers and in many leading hyperscale datacenters.

With Mellanox, NVIDIA will optimize datacenter-scale workloads across the entire computing, networking and storage stack to achieve higher performance, greater utilization and lower operating cost for customers.

“The emergence of AI and data science, as well as billions of simultaneous computer users, is fueling skyrocketing demand on the world’s datacenters,” said Jensen Huang, founder and CEO of NVIDIA. “Addressing this demand will require holistic architectures that connect vast numbers of fast computing nodes over intelligent networking fabrics to form a giant datacenter-scale compute engine.

“We’re excited to unite NVIDIA’s accelerated computing platform with Mellanox’s world-renowned accelerated networking platform under one roof to create next-generation datacenter-scale computing solutions. I am particularly thrilled to work closely with the visionary leaders of Mellanox and their amazing people to invent the computers of tomorrow.”

“We share the same vision for accelerated computing as NVIDIA,” said Eyal Waldman, founder and CEO of Mellanox. “Combining our two companies comes as a natural extension of our longstanding partnership and is a great fit given our common performance-driven cultures. This combination will foster the creation of powerful technology and fantastic opportunities for our people.”

The companies have a long history of collaboration and joint innovation, reflected in their recent contributions in building the world’s two fastest supercomputers, Sierra and Summit, operated by the U.S. Department of Energy. Many of the world’s top cloud service providers also use both NVIDIA GPUs and Mellanox interconnects. NVIDIA and Mellanox share a common performance-centric culture that will enable seamless integration.

Once the combination is complete, NVIDIA intends to continue investing in local excellence and talent in Israel, one of the world’s most important technology centers. Customer sales and support will not change as a result of this transaction.

Additional Transaction Details

Post close, the transaction is expected to be immediately accretive to NVIDIA’s non-GAAP gross margin, non-GAAP earnings per share and free cash flow. NVIDIA intends to fund the acquisition through cash on its balance sheet. In addition, there is no change to its previously announced capital return program for the rest of fiscal 2020. The transaction has been approved by both companies’ boards of directors and is expected to close by the end of calendar year 2019, subject to regulatory approvals as well as other customary closing conditions, including the approval by Mellanox shareholders of the merger agreement.

Advisors

Goldman Sachs & Co. LLC served as exclusive financial advisor to NVIDIA and Jones Day served as legal advisor. Credit Suisse Group and J.P. Morgan Chase & Co. served as financial advisors to Mellanox and Latham & Watkins, LLP and Herzog Fox & Neeman served as legal advisors.

Conference Call and Webcast Details

NVIDIA will conduct a webcast at 5:30 a.m. PT today to discuss the transaction. The webcast and a copy of the presentation materials can be found on NVIDIA’s Investor Relations website at [1]https://investor.nvidia.com. A webcast replay and a copy of the webcast presentation materials will also be available at [2]https://investor.nvidia.com.

About Mellanox
Mellanox (NASDAQ: MLNX) is a leading supplier of end-to-end Ethernet and InfiniBand smart interconnect solutions and services for servers and storage. Mellanox interconnect solutions increase datacenter efficiency by providing the highest throughput and lowest latency, delivering data faster to applications and unlocking system performance capability. Mellanox offers a choice of fast interconnect products: adapters, switches, software and silicon that accelerate application runtime and maximize business results for a wide range of markets including high performance computing, enterprise datacenters, Web 2.0, cloud, storage and financial services. More information is available at [3]http://www.mellanox.com/.

About NVIDIA
[4]NVIDIA’s (NASDAQ: NVDA) invention of the GPU in 1999 sparked the growth of the PC gaming market, redefined modern computer graphics and revolutionized parallel computing. More recently, GPU deep learning ignited modern AI — the next era of computing — with the GPU acting as the brain of computers, robots and self-driving cars that can perceive and understand the world. More information at [5]http://nvidianews.nvidia.com/.

All statements included or incorporated by reference in this communication, other than statements or characterizations of historical fact, are forward-looking statements within the meaning of the federal securities laws, including Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. These forward-looking statements are based on NVIDIA’s current expectations, estimates and projections about its business and industry, management’s beliefs, and certain assumptions made by NVIDIA and Mellanox, all of which are subject to change. Forward-looking statements can often be identified by words such as “anticipates,” “expects,” “intends,” “plans,” “predicts,” “believes,” “seeks,” “goals,” “likely,” “might,” “project,” “target,” “estimates,” “may,” “will,” “should,” “would,” “could,” “potential,” “continue,” “ongoing,” or similar expressions, and variations or negatives of these words. Certain statements in this press release including, but not limited to, statements as to the proposed transaction and acquisition of Mellanox by NVIDIA, including statements regarding the benefits of the transaction and what the combined companies will offer, the timing, price and closing conditions of the transaction; statements regarding the companies’ products and markets; the transaction uniting two of the world’s leading companies in high performance computing; data and compute intensity of modern workloads growing exponentially; CPU performance advances slowing, while computing demand is surging; the adoption of accelerated computing with GPUs and accelerated networking; datacenters being architected as giant compute engines with millions of compute nodes and the performance and interconnections therein; NVIDIA optimizing performance at the datacenter scale and Mellanox’s technology enabling this to happen; the transaction resulting in higher performance datacenters that will provide greater utilization and lower operating costs to customers; AI, data science and
computer users fueling skyrocketing demands on the world’s datacenters; holistic architectures that connect fast computing nodes solving the demand issue for datacenters; the combined companies’ offerings, including technology for the next-generation datacenters and working with the leaders of Mellanox to invent the computers of tomorrow; combining the companies being a natural extension of their partnership and being a great fit; the combination enabling the creation of powerful technology and fantastic opportunities; the benefits of the companies’ common culture and it enabling a seamless integration; the world’s top cloud service providers using the companies’ products; NVIDIA continuing to invest in Israel; Israel being one of the world’s most important markets for innovation; customer and sales support not changing as a result of the transaction; the expectation that the transaction will be accretive; NVIDIA’s intention to fund the transaction through cash on its balance sheet; and NVIDIA’s continuation of its capital return program are forward-looking statements that are subject to risks and uncertainties that could cause results to be materially different than expectations.

Forward-Looking Statements

These forward-looking statements are based on current expectations and are not guarantees of future results. Many factors could cause actual future events to differ materially from the forward-looking statements in this document, including the following, among others: the risk that the transaction may not be completed in a timely manner or at all, which may adversely affect the companies’ business and the price of its stock; uncertainties as to the timing of the consummation of the transaction and the failure to satisfy the conditions to the consummation of the transaction, including the receipt of certain governmental and regulatory approvals; the potential for regulatory authorities to require divestitures, behavioral remedies or other concessions in order to obtain their approval of the proposed transaction; the occurrence of any event, change or other circumstance that could give rise to the termination of the merger agreement; the effect of the announcement or pendency of the transaction on NVIDIA’s business relationships, operating results, and business generally; delays, disruptions or increased costs in the integration of Mellanox’s technology in existing or new products; Mellanox shareholders may not approve the transaction; expected benefits and other financial benefits of the transaction may not be realized; integration of the acquisition post-closing may not occur as anticipated, and the combined companies’ ability to achieve the growth prospects and synergies expected from the transaction, as well as delays, challenges and expenses associated with integrating the combined companies’ existing businesses may incur; litigation related to the transaction or otherwise or limitations or restrictions imposed by regulatory authorities may delay or negatively impact the transaction; unanticipated restructuring costs may be incurred or undisclosed liabilities assumed; attempts to retain key personnel and customers may not succeed; risks related to diverting management’s attention from NVIDIA’s ongoing
business operations; the business combination or the combined company’s products may not be supported by third parties; actions by competitors may negatively impact results; potential adverse reactions or changes to business relationships resulting from the announcement or completion of the transaction; there may be negative changes in general economic conditions in the regions or the industries in which NVIDIA and Mellanox operate; and other risks described in NVIDIA’s and Mellanox’s filings with the Securities and Exchange Commission (SEC). In addition, please refer to the documents that NVIDIA and Mellanox file with the SEC on Forms 10-K, 10-Q, and 8-K. These filings identify and address other important risks and uncertainties that could cause events and results to differ materially from those contained in the forward-looking statements set forth in this document. These forward-looking statements are not guarantees of future events performance and speak only as of the date hereof, and, except as required by law, NVIDIA and Mellanox disclaim any obligation to update these forward-looking statements to reflect future events or circumstances.

In addition, actual results are subject to other risks and uncertainties that relate more broadly to NVIDIA’s overall business, including those more fully described in NVIDIA’s filings with the SEC, including its annual report on Form 10-K for the fiscal year ended January 27, 2019, and Mellanox’s overall business and financial condition, including those more fully described in Mellanox’s filings with the SEC, including its annual report on Form 10-K for the fiscal year ended December 31, 2018. The foregoing review of important factors that could cause actual events to differ from expectations should not be construed as exhaustive and should be read in conjunction with statements that are included herein and NVIDIA’s filings with the SEC.

Except as required by applicable law, NVIDIA does not undertake any obligation to revise or update any forward-looking statement, or to make any other forward-looking statements, whether as a result of new information, future events or otherwise. NVIDIA can give no assurance that the conditions to the transaction will be satisfied.

Additional Information and Where to Find It

This communication is being made in respect of the proposed transaction. Mellanox intends to file with the SEC and mail or otherwise provide to its shareholders a proxy statement in connection with the proposed transaction with NVIDIA (the “proxy statement”), and each party will file other documents regarding the proposed transaction with the SEC. The definitive proxy statement will be sent or given to the shareholders of Mellanox and will contain important information about the proposed transaction and related matters. This communication is not a substitute for the proxy statement or any other document that may be filed by Mellanox with the SEC. Investors and security holders are urged to read the proxy statement in its entirety and other relevant documents filed with the SEC in connection with the proposed transaction or incorporated by reference therein when they become available before making any voting or investment decision with respect to the proposed transaction because they will contain important information about the proposed transaction and the parties to the proposed transaction.

You may obtain copies of all documents filed with the SEC regarding this transaction, free of charge, at the SEC’s website (www.sec.gov). In addition, investors and shareholders will be able to obtain free copies of the proxy statement and other documents filed with the SEC by NVIDIA on NVIDIA’s Investor Relations website ([6]investor.nvidia.com) or by writing to NVIDIA, Investor Relations, 2788 San Tomas Expressway, Santa Clara, CA 95051 (for documents filed with the SEC by NVIDIA), or by Mellanox on Mellanox’s Investor Relations website ([7]ir.mellanox.com) or by writing to Mellanox, Investor Relations, Hakidma 26 Ofer Industrial Park Yokneam Israel, 2069200, [8]IR@mellanox.com (for documents filed with the SEC by Mellanox).

Participants in the Solicitation

NVIDIA, Mellanox and certain of their respective directors, executive officers, other members of management and employees and agents retained, may, under SEC rules, be deemed to be participants in the solicitation of proxies in connection with the proposed transaction. Information regarding the persons who may, under SEC rules, be deemed participants in the solicitation of Mellanox shareholders in connection with the proposed transaction will be set forth in the proxy statement when it is filed with the SEC. You can find more detailed information about NVIDIA’s executive officers and directors in its definitive proxy statement filed with the SEC on April 6, 2018. You can find more detailed information about Mellanox’s executive officers and directors in its annual report on Form 10-K filed with the SEC on February 21, 2019. To the extent holdings of securities by each company’s directors or executive officers have changed since the amounts disclosed in each company’s respective proxy statement, such changes have been or will be reflected on Statements of Change in Ownership on Form 4 filed with the SEC. Additional information regarding these persons and their interests in the proposed transaction will be included in the proxy statement relating to the proposed transaction when it is filed with the SEC. These documents, when available, can be obtained free of charge from the sources indicated above.

© 2019 NVIDIA Corporation. All rights reserved. NVIDIA and the NVIDIA logo are trademarks and/or registered trademarks of NVIDIA Corporation in the U.S. and other countries. Other company and product names may be trademarks of the respective companies with which they are associated. Features, pricing, availability and specifications are subject to change without notice.

References

Visible links
1. https://investor.nvidia.com/
2. https://investor.nvidia.com/
3. http://www.mellanox.com/
4. https://www.nvidia.com/en-us/
5. https://nvidianews.nvidia.com/
6. https://investor.nvidia.com/
7. http://ir.mellanox.com/
8. mailto:IR@mellanox.com

HackerNewsBot debug: Calculated post rank: 111 - Loop: 142 - Rank min: 100 - Author rank: 365

Hundreds of luxury Vancouver mansions being rented for cheap

In Vancouver, where sky-high real estate prices have made ownership impossible for many, it’s suddenly not too difficult to live like a king.
Article word count: 483

HN Discussion: https://news.ycombinator.com/item?id=19353686
Posted by mji (karma: 477)
Post stats: Points: 109 - Comments: 84 - 2019-03-10T19:05:09Z

\#HackerNews #being #cheap #for #hundreds #luxury #mansions #rented #vancouver

---

Article content:



In Vancouver, where sky-high real estate prices have made ownership impossible for many, it’s suddenly not too difficult to live like a king.

Last week, author and housing advocate Kishone Roy found approximately 800 Vancouver-area mansions for rent on Craigslist for prices well below what they would normally command.

Many of the mansions have ocean views and offer luxury amenities such as swimming pools, in-home cinemas, built-in saunas and wine cellars. In several cases, the homes are fully furnished.

Rather than the listings being a fluke, Roy kept finding more and more luxury properties.

“I didnʼt expect this,” Roy told CTV News. “I thought when there were 25 it was noteworthy. I didnʼt expect to find 800.”

The city of Vancouver is facing a crisis in housing affordability, with one bedroom units averaging about $1,730 per month.

But these rentals offer a single room in a multi-bedroom house for anywhere between $700 and $1,500, with more than 5,000 empty bedrooms available across the city.

“Maybe the cheapest real estate right now is mansion rentals,” Roy said.

While most owners contacted by CTV News said they don’t want groups renting out the homes, the rentals present a cheaper housing alternative for students and young professionals.

Sehrish Qureshi is one of 14 students who applied online and was placed in a Vancouver mansion nicknamed “the castle,” paying around $1,000 a month for a mansion with a pool, home theatre, and games room.

When move-in day arrived, she was shocked by the furnished, $5-million home.

“Me and my family were just like, ‘What? Is this for real?’” she said.

“I’ve compared it to some of my classmates, and they pay, like, $1,300, $1,400 for small studio apartments in downtown … I’m so happy with what I’m paying.”

It’s a situation that might not seem to make sense, but realtor Kevin Wang says the answer is a simple one.

“The speculator tax is really the big one,” Wang said. “It hit the market.”

Last year, B.C. introduced new taxes targeting real estate speculators who purchased property, only to leave it sitting empty.

Under the new rules, if a property has a foreign owner and is left vacant, Vancouver can tax the owner for 1 per cent of the property’s assessed value, while B.C. can claim another 2 per cent.

That means on a multi-million-dollar property, the taxes can easily surpass $100,000. But if an owner opts to rent -- even for a pittance – they’ll save money.

While many owners seem to be asking a monthly rent almost exactly the monthly tax cost, some seem to be open to taking much less.

“I thought I was imagining things until I called a mansion broker today and offered to rent one for $1 for the year,” Roy wrote on Twitter.

“She quickly took my number, and even asked if there was a specific mansion I had in mind.”

HackerNewsBot debug: Calculated post rank: 100 - Loop: 246 - Rank min: 100 - Author rank: 164

Using Let's Encrypt for Internal Servers (2018)

This blog posts describes how to issue Let's Encrypt certificates for internal servers. We used this mechanism to issue a cert to 65,000+ internal machines.
Article word count: 23

HN Discussion: https://news.ycombinator.com/item?id=19353294
Posted by GordonS (karma: 5231)
Post stats: Points: 145 - Comments: 83 - 2019-03-10T18:12:19Z

\#HackerNews #2018 #encrypt #for #internal #lets #servers #using

---

Article content:



[1]Let’s Encrypt is a revolutionary new certificate authority that provides free certificates in a completely automated process. These certificates are issued via the [2]ACME protocol. Over the last 2 years or so, the Internet has widely adopted Let’s Encrypt — over 50% of the web’s SSL/TLS certificates are now issued by Let’s Encrypt.

But while there are many tools to automatically renew certificates for publicly available webservers ([3]certbot, [4]simp_le, [5]I wrote about how to do that 3 years back), it’s hard to find any useful information about how to issue certificates for internal non Internet facing servers and/or devices with Let’s Encrypt.

This blog posts describes how to issue Let’s Encrypt certificates for internal servers. At [6]Datto, we issued a certificate for each of our 65,000+ BCDR appliances using this exact mechanism.

Content

• How does it work?
  To issue a certificate through Let’s Encrypt, you must prove that you either own the website you want to issue the certificate for, or that you own the domain it runs on. Typically, automated tools like [7]certbot use the [8]HTTP challenge to prove site ownership using the .well-known directory. While this works beautifully if the site is Internet-facing (and Let’s Encrypt can verify the HTTP challenge files via a simple HTTP request), it doesn’t work if your server runs on 10.1.1.4 or any other internal address.
  
  The [9]DNS challenge solves this problem by letting you prove domain ownership through the DNS TXT record _acme-challenge.example.com. Let’s Encrypt will verify that the record matches what it expects and issue your certificate if it all adds up.
  
  So really the magic ingredients to issuing certificates for internal non Internet facing machines are:
  
  * A dedicated DNS zone for all your internal devices, e.g. xi8qz.example.com, and a dynamic DNS server to manage this zone (here: example.com)
  * An ACME client capable of using the Let’s Encrypt’s DNS challenge to prove domain ownership
• Example: An internal server 10.1.1.4, aka. xi8qz.example.com
  The following diagram shows how we have implemented our Let’s Encrypt integration for our Datto backup appliances. Each appliance (read: internal server) is behind a NAT and carries its own local IP address.
  
  The general approach is simple: The appliance regularly reaches out to our control server to ensure that it can be reached via its own subdomain. If its local IP address changes, it triggers an update of its own subdomain. In addition, it checks regularly if the certificate is still valid, and requests a renewal if it’s outdated.
  
  Here’s a bit more detail to this process:
  
  For this example, let’s assume we’re trying to issue a certificate for an appliance with the identifier xi8qz and the local IP address 10.1.1.4. From the perspective of this appliance, there are two requests to be made:
  
  * Steps 1-3: First, it needs to set/update its own DNS domain (here: xi8qz.example.com). This domain will later be used as a common name (CN) in the certificate. On top of that, it needs to make sure that this record is updated every time the server’s IP address changes.
  * Steps 4-14: It needs to regularly check if the local certificate needs to be renewed and request a renewal if it’s time. Obviously, if there is no certificate it needs to be “renewed”.
  
  Let’s now examine these steps in greater detail.
  
  2.1. Prerequisites: Assigning a domain for each machine (steps 1-3)
  
  As mentioned above, we need to give each appliance a proper domain name in order to be able to prove ownership to Let’s Encrypt, so we need to buy a domain (here: example.com) and delegate its NS records to our DDNS server:
  
  Our DDNS server should own the domain weʼve chosen for our machines
  [10]

---

$ dig +short NS
example.com
On top of that, we need the ability to dynamically add and remove records from it (via an API of some sort). I’ve previously written about how to [11]spin up your own DDNS server, if you are interested.

Once that’s all set up, we need to make sure that the machine’s A record is updated whenever its IP address changes. For our internal machine, let’s assign xi8qz.example.com as its domain. If everything’s working properly, you should be able to resolve this domain to its IP address using a normal DNS query:

The machineʼs A record resolves to its local IP address
[12]

---

$ dig +short
xi8qz.example.com

2.2. Requesting a certificate (steps 4-14)
Assuming you now control the DNS zone for example.com completely and you can quickly edit it dynamically, you’re all set for actually issuing certificates for your local device domain via Let’s Encrypt.

For our example appliance, it will regularly check if the existing certificate is still valid (step 4). If there is no certificate or the existing one is about to expire, the device will generate a keypair and a [13]certificate signing request (CSR) using its assigned hostname (here: xi8qz.example.com) as a CN, and it’ll send that CSR to the control server (step 5).

After authorizing the request (an important step not shown in the diagram!), the control server requests a DNS challenge for the given domain from the ACME API via the [14]Pre-Authorization/new-authz API call (step 6). The ACME API responds with a DNS challenge (step 7). If all goes well, this looks something like this:

Response from the ACME API for a new-authz request
[15]

---

    "value": "xi8qz.example.com"
  "expires": "2018-04-15T21:26:29Z",
      "uri":
"https://acme-staging.api.letsencrypt.org/acme/challenge/VtjihR4X8nLAj4MDwI...",
      "token": "aLptEKAeUOajkiGrx-kkbjUX4b1MC..."
Using this response, the control server must set a DNS TXT record at _acme-challenge.xi8qz.example.com (step 8) and notify the ACME API that the challenge response has been placed (step 9).

Once the challenge response has been verified by Let’s Encrypt (step 10-11), the certificate can finally be requested using the CSR (step 12-13).

After Let’s Encrypt responds with a certificate, you’ll see something like this on the wire:

[16]

---

-----BEGIN CERTIFICATE-----
MIIGEjCCBPqgAwIBAgISAyk2izMz7OXSqHeZhg+rUR5uMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
If decoded with openssl, we can see that’s it’s the real deal:

[17]

---

$ openssl x509 -in www.crt -text -noout
            03:29:36:8b:33:33:ec:e5:d2:a8:77:99:86:0f:ab:51:1e:6e
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Letʼs Encrypt, CN=Letʼs Encrypt Authority
X3
            Not Before: Jul 18 23:37:35 2018 GMT
            Not After : Oct 16 23:37:35 2018 GMT
        Subject: CN=xi8qz.example.com
            Public Key Algorithm: rsaEncryption
                    00:be:69:df:28:04:9c:2b:e9:94:72:c3:de:a6:fd:
                    a4:38:93:be:43:a7:81:8b:dc:9a:be:19:0d:c0:d1:
This certificate is then returned to the machine (step 14). After the webserver of the appliance/server has been restarted, it’s web interface can be accessed via HTTPS in the browser or on the command line:

Connecting to the internal server via HTTPS
[18]

---

$ curl -v https://xi8qz.example.com/login
\* Connected to xi8qz.example.com (10.1.1.4) port 443 (#0)
\* ALPN, offering http/1.1
\* successfully set certificate verify locations:
\*   CAfile: /etc/ssl/certs/ca-certificates.crt
\* TLSv1.2 (OUT), TLS handshake, Client hello (1):
\* TLSv1.2 (IN), TLS handshake, Server hello (2):
\* TLSv1.2 (IN), TLS handshake, Certificate (11):
\* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
\* TLSv1.2 (IN), TLS handshake, Server finished (14):
\* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
\* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
\* TLSv1.2 (OUT), TLS handshake, Finished (20):
\* TLSv1.2 (IN), TLS handshake, Finished (20):
\* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
\* ALPN, server accepted to use http/1.1
\*  subject: CN=xi8qz.example.com
\*  start date: Jul 18 23:37:35 2018 GMT
\*  expire date: Oct 16 23:37:35 2018 GMT
\*  subjectAltName: host "xi8qz.example.com" matched certʼs
"xi8qz.example.com"
\*  issuer: C=US; O=Letʼs Encrypt; CN=Letʼs Encrypt Authority X3
\*  SSL certificate verify ok.
> Host: xi8qz.example.com
> User-Agent: curl/7.58.0
< Date: Sun, 05 Aug 2018 17:38:49 GMT
< Server: Apache/2.4.18 (Ubuntu)
It’s important to note that if you are considering implementing this mechanism for a large number of servers that you use the Let’s Encrypt [19]staging environments for testing and, more importantly, that you consider their [20]rate limit restrictions.

By default, Let’s Encrypt only allows you to issue 20 certificates per week for the same domain or the same account. To increase this number, you have to either [21]request a higher rate limit or get your domain added to the [22]public suffix list (note: adding your domain here has other implications!).

Due to these rate limits, it is vital that you spread out the initial deployment enough to stay under the rate limit, and that you leave enough room for future servers to be added. Also consider renewals in the initial rollout plan.

• Summary
  As you can see it’s not really rocket science.
  
  We first assigned each appliance (aka. internal server) a public domain name using our own dynamic DNS server and a dedicated DNS zone. Using the server’s assigned domain (here: xi8qz.example.com), we then used Let’s Encrypt’s free certificate offering and their DNS challenge to issue a certificate for that server.
  
  By doing that for all internal servers, we can provide secure communication in our internal IT infrastructure without having to deploy a custom CA cert or having to pay for certificates.
  
  Iʼd very much like to hear what you think of this post. Feel free to leave a comment. I usually respond within a day or two, sometimes even faster. I will not share or publish your e-mail address anywhere.

References

Visible links
1. https://letsencrypt.org/
2. https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html
3. https://certbot.eff.org/
4. https://github.com/kuba/simp_le
5. https://blog.heckel.xyz/2015/12/04/lets-encrypt-5-min-guide-to-set-up-cronjob-based-certificate-renewal/
6. https://www.datto.com/
7. https://certbot.eff.org/
8. https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.8.3
9. https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.8.4
11. https://blog.heckel.xyz/2016/12/31/your-own-dynamic-dns-server-powerdns-mysql/
13. https://en.wikipedia.org/wiki/Certificate_signing_request
14. https://ietf-wg-acme.github.io/acme/draft-ietf-acme-acme.html#rfc.section.7.4.1
19. https://letsencrypt.org/docs/staging-environment/
20. https://letsencrypt.org/docs/rate-limits/
21. https://goo.gl/forms/plqRgFVnZbdGhE9n1
22. https://publicsuffix.org/

HackerNewsBot debug: Calculated post rank: 124 - Loop: 206 - Rank min: 100 - Author rank: 28

Goodbye Docker and Thanks for All the Fish

docker, kubernetes, cloud
Article word count: 1275

HN Discussion: https://news.ycombinator.com/item?id=19351236
Posted by Corrado (karma: 2112)
Post stats: Points: 124 - Comments: 64 - 2019-03-10T09:53:59Z

\#HackerNews #all #and #docker #fish #for #goodbye #thanks #the

---

Article content:




Back in [1]July 2018, I started to write a blog post about the upcoming death of Docker as a company (and also perhaps as a technology) but I never got round to completing and publishing the post. It is time to actually get that post out.
OK .. Time to share my thoughts on the soon to be death of [2]#docker
— Maish Saidel-Keesing (☁️🚀☁️) (@maishsk) [3]July 17, 2018
So here you go....

Of course Docker is still here, and of course everyone is still using Docker and will continue to do so the near and foreseeable future (how far that foreseeable future is - is yet to be determined). The reason I chose this title for the blogpost is because, in my humble opinion the days for Docker as a company are numbered and maybe also a technology as well. If would indulge me with a few minutes of your time - I will share with you the basis for my thoughts. A number of years ago - Docker was the company that changed the world - and we can safely say - is still changing the world today. Containers and the technology behind containers has been around for many years, long before the word docker was even thought of, even turned into a verb (“Dockerize all the things”), but Docker was the company that enabled the masses to consume the technology of containers, in a easy and simple fashion. Most technology companies (or at least companies that consider themselves to be a modern tech company) will be using Docker or containers as part of their product or their pipeline - because it makes so much sense and brings so much benefit to whole process. Over the past 12-24 months, people are coming to the realization that docker has run its course and as a technology is not going to be able to provide additional value to what they have today - and have decided to start to look elsewhere for that extra edge.

Kubernetes has won the container orchestration war, I don’t think that anyone can deny that fact. [4]Docker itself has adopted Kubernetes. There will always be niche players that have specific use cases for Docker Swarm, Mesos, Marathon, Nomad - but the de-facto standard is Kubernetes. All 3 big cloud providers, now have a managed Kubernetes solution that they offer to their customers (and as a result will [5]eventually sunset their own home-made solutions that they built over the years - because there can be only one). Everyone is building more services and providing more solutions, to bring in more customers, increase their revenue.

Story is done. Nothing to see here. Next shiny thing please.. At the moment, Kubernetes uses docker as the underlying container engine. I think that the Kubernetes community understood that Docker as a container runtime (and I use this term specifically) was the ultimate solution to get a product out of the gate as soon as possible. They also (wisely) understood quite early on they needed to have the option of switching out that container runtime - and allowing the consumers of Kubernetes to make a choice.

The [6]Open Container Initiative - brought with it the [7]Runtime Spec - which opened the door to allow us all to use something else besides docker as the runtime. And they are growing - [8]steadily. Docker is no longer the only runtime that is being used. Their is a growth in the community - that are slowly sharing the knowledge of how use something else besides Docker. Kelsey Hightower - has updated his [9]Kubernetes the hard way (amazing work - honestly) over the years from [10]CRI-O to [11]containerd to [12]gvisor. All the cool kids on the block are no longer using docker as the underlying runtime. There are many other options out there today [13]clearcontainers, [14]katacontainers and the list is continuously growing.

Most people (including myself) do not have enough knowledge and expertise of how to swap out the runtime to what ever they would like and usually just go with the default out of the box. When people understand that they can easily make the choice to swap out the container runtime, and the knowledge is out there and easily and readily available, I do not think there is any reason for us to user docker any more and therefore Docker as a technology and as a company will slowly vanish. The other container runtimes that are coming out will be faster, more secure, smarter, feature rich (some of them already are) compared to what Docker has to offer. If you have a better, smarter, more secure product - why would people continue to use technology that no longer suits their ever increasing needs? For Docker - to avert this outcome - I would advise to invest as much energy as possible - into creating the best of breed runtime for any workload - so that docker remains the de-facto standard that everyone uses. The problem with this statement - is that there no money in a container runtime. Docker never made money on their runtime, they looked for their revenue on the enterprise features above and on top the container runtime. How they are going to solve this problem - is beyond me and the scope of this post. The docker community has been steadily declining, the popularity of the events has been declining, the number of new features, announcements - is on the decline and has been on the decline for the past year or two. Someone told me a while back - that speaking bad about things or giving bad news is usually very easy. We can easily say that this is wrong, this is no useful, this should change. But without providing a positive twist on something - you become the “doom and gloom”. The “grim reaper”. Don’t be that person. I would like to heed their advice, and with that add something about - what that means for you today. You should start investing in understanding how these other runtimes can help you, where they fit,
increase your knowledge and expertise - so that you can prepare for this and not be surprised when everyone else stops using docker and you find yourself having to rush into adapting all your infrastructure. I think it is inevitable.

That was the post I wanted to write 8 months ago...

What triggered me to finish this post today was a post from [15]Scott Mccarty - about the upcoming RHEL 8 beta - [16]Enterprise Linux 8 Beta: A new set of container tools - and my tweet that followed
— Maish Saidel-Keesing (☁️🚀☁️) (@maishsk) [17]February 20, 2019
Lo and behold - no more docker package available in RHEL 8.
If you’re a container veteran, you may have developed a habit of tailoring your systems by installing the “docker” package. On your brand new RHEL 8 Beta system, the first thing you’ll likely do is go to your old friend yum. You’ll try to install the docker package, but to no avail. If you are crafty, next, you’ll search and find this package:

podman-docker.noarch : "package to Emulate Docker CLI using podman."

What is this Podman we speak of? The docker package is replaced by the Container Tools module, which consists of Podman, Buildah, Skopeo and several other tidbits. There are a lot of new names packed into that sentence so, let’s break them down.
[18]

[IMG](Source - Tutorial - Doug Tidwell (https://youtu.be/bJDI_QuXeCE)

I think a picture is worth more than a thousand words..

Please feel free to share this post and share your feedback with me on Twitter ([19]@maishsk)

References

Visible links
1. https://twitter.com/maishsk/status/1019115484673970176
2. https://twitter.com/hashtag/docker?src=hash&ref_src=twsrc%5Etfw
3. https://twitter.com/maishsk/status/1019115484673970176?ref_src=twsrc%5Etfw
4. https://www.servethehome.com/kubernetes-wins-docker-acquiesces-adopts-kubernetes/
5. https://azure.microsoft.com/en-us/updates/azure-container-service-will-retire-on-january-31-2020/
6. http://www.opencontainers.org/
7. https://github.com/opencontainers/runtime-spec
8. https://github.com/opencontainers/runtime-spec/blob/master/implementations.md
9. https://github.com/kelseyhightower/kubernetes-the-hard-way
10. https://github.com/kubernetes-incubator/cri-o)%20v1.0.0-beta.0
11. https://github.com/containerd/containerd
12. https://github.com/google/gvisor
13. https://github.com/clearcontainers/runtime
14. https://katacontainers.io/
15. https://twitter.com/fatherlinux
16. https://www.redhat.com/en/blog/red-hat-enterprise-linux-8-beta-new-set-container-tools
17. https://twitter.com/maishsk/status/1098295411117309952?ref_src=twsrc%5Etfw
18. https://maishsk.com/blog/images/20190224-goodbye-docker/podman.png
19. https://twitter.com/maishsk

HackerNewsBot debug: Calculated post rank: 104 - Loop: 57 - Rank min: 100 - Author rank: 26

The Sad State of Logging Bugs for Apple

You find a bug in macOS or iOS. Something in the software isn’t working the way it should work. You decide to let Apple know, and head over to login with your Apple ID. You fill out the required fo…
Article word count: 1631

HN Discussion: https://news.ycombinator.com/item?id=19349638
Posted by fireflies_ (karma: 71)
Post stats: Points: 113 - Comments: 35 - 2019-03-10T01:23:17Z

\#HackerNews #apple #bugs #for #logging #sad #state #the

---

Article content:




You find a bug in macOS or iOS. Something in the software isn’t working the way it should work. You decide to let Apple know, and head over to [1]http://bugreport.apple.com and login with your Apple ID. You fill out the required form, list the reproduction steps, hit the special key chord to generate a fat sysdiagnose, attach some screen shots, and hope they fix it.

What happens to your bug?

All bugs are tracked with an internal application called Radar; internal Apple employees simply log bugs directly into this application. External people use the website “Bug Reporter”, which only shows specific developer interactions with the bug, and hide all other details of the bug. Those details are engineer comments, progress on the bug, when they “expect” to fix it or which build it is fixed in, and priority. Priority is important for bugs; they are considered “unscreened” if they don’t have a priority set. Bugs with a high priority (1) are highly likely to get fixed, whereas bugs with a lower priority (3 or 4) are not likely to ever get fixed.

Each bug is placed into a particular top level component, which can have sub components. Savvy internal developers will log bugs directly into the component that the bug corresponds to, such as “AppKit / NSTableView”. This will get it directly to the right person who needs to look at it. Top level components have a large dropping areas that generic bugs can fall into, such as “iTunes / All”. These components get saturated with bug reports.

Once your bug hits Radar someone will look at it. Developer Support will often take a first look at bugs that are related to SDK/programming issues. They will then pass it on to a more specific top level component, or directly to a more specific component (ie: NSWindow).

This is where things get screwy depending on the component your bug lands in, since bug management is group dependent. Many groups will have only one or two QA people to do the initial screening of those large drop areas for bugs. QA engineers are sometimes instructed to screen bugs with a priority and “fix period” before passing them off to the engineer responsible for the code. This is terrible because many engineers will not look at bugs with a low priority. It is much better for the engineer who “owns the code” to look at a bug and determine the priority. The QA engineers will frequently get a huge back log of bugs to screen, and it can take weeks, or even months, for some bugs to get screened. Sometimes this leads to a mass screening of bugs, marking them all with a low priority. Bug originators have to notice this, and complain about it for the priority to get increased. Worse yet, some groups mass close bugs older than a year or so, and ask the originator to re-open the bug if the issue still exists. A lot of people don’t pay attention to bugs that need verification, and they simply become lost.

From an internal developer’s perspective, it was quite frustrating to take the time to log a detailed bug, only to see it sit “unscreened” for weeks and weeks. It is demoralizing to see this happen to your bugs. But worse yet, sometimes your bug would get forward-duped. Someone else at a later time logs the same bug, and your older bug report gets duplicated to it. More often than not, this is simply because of the delayed screening of bugs.

From an external developer’s perspective, it is even worse. There is very little feedback on bugs when they are in progress. You don’t know what priority the bug has, or if it has even been looked at and screened. This is Apple internationally being opaque. More transparency could easily leak features or products, so this is expected.

Hopefully a bug ends up with an individual engineer who works on the code. A lot of these bugs will still be unscreened, and Apple engineers seem to loathe the process of screening bugs. So they let them sit around for a while, sometimes for weeks or months. People would rather focus on coding something new up, or working on already screened bugs that they have to fix, as opposed to taking the time to read a bug report and figure out what needs to be done with it. They don’t have to read it and fix it right then, but just do a screening: determine priority, when to fix it (this is sometimes nebulous), and possibly ask the originator for more information (or mark it as a duplicate.)

Engineers also dislike screening bugs because sometimes they have to add them to their queue for the current release. This increases their required workload for that release, which is something people don’t like doing. So, instead, many bugs stay unscreened.

Unscreened bugs indicate potential software problems that need to be fixed. Obviously this is bad, and management doesn’t like to have high unscreened bug counts. Managers will frequently instruct engineers to screen bugs, or ask QA engineers to do it (which is bad).

Sometimes QA screen bugs with a low priority and holds onto them. They never get moved to the appropriate code engineers, and effectively become lost in the system. Sadly, I had seen this happen way too often.

Bugs screened with a low priority and a nebulous-future fix date are also lost. They rarely will be revisited and fixed. Sometimes this is okay. Some bugs are just too obscure or rare to spend time fixing.

Some bug owners don’t want to take the time to go back and forth with the originator to find out some piece of information they may need. They sit on bugs for a long time, and eventually try to reproduce a bug on a later version of the un-released OS. They can’t reproduce it, so they just assume it is fixed, and send it back to the originator. This is particularly bad for external developers, and I’ll describe why below.

When a bug is sent back as fixed, the internal developer who originated the bug is supposed to verify the problem is resolved. They can send it back if the problem isn’t resolved. However, internal developers don’t really have an incentive to verify bugs. Management doesn’t keep track of bugs that need verification or really require developers to verify them. Most engineers do verify bugs; they like to make sure problems are resolved. But external developers are left in a more sad state. The bug becomes closed for them, and is dead.

External developers do get notified when bugs are fixed, but only after the fix is available in a public release of the OS. This means it could take about a year for some bugs to get back to the external developer, since bugs start to get fixed before an OS is released to the public. Generally, the bug will ask the external developer to verify the bug by installing the latest OS. For some people, including me, this just isn’t possible; they need to run and support an older OS, and don’t have the ability to install a newer OS on a particular machine. Or, they just won’t want to install the latest OS because it doesn’t have anything they want or need (that’s me, I run 10.13). Even if they do install the OS, they may find the bug isn’t fixed. At this point, it is simply too late; engineering has likely closed the bug, and it is lost in the ether.

What can Apple do?

It is simple: Internal engineers need to take more responsibility in promptly screening bugs. Management needs to allow engineers to have more time to do this, which is at the expense of working on features or fixing already screened bugs. Engineers should always be expected to have a very low unscreened bug count.

Internal engineers need to promptly verify bugs when they are sent back to them. They need to install beta versions of the OS and do some testing. If it isn’t fixed, send it back.

If a bug report refers to some problem, then the developer should look at the code that interacts with the area described and try to think about what would cause such a problem to happen. For instance, if a button is incorrectly disabled in iTunes, then the developer should try to figure out why that could happen instead of just asking for “how to reproduce this?”

When I worked at Apple I practiced what I am now preaching. I would screen all my bugs within a day or so. I would verify bugs within a week or so. I would poke around at code and attempt to make theoretical fixes for bugs I couldn’t reproduce. I felt like it was part of my job, and I just did these things as a daily task.

What can you do?

Obviously, you have to log bug reports. It’s okay to log bugs that are missing information; developers can ask for specifics of what they need. In general, for AppKit related bugs, I would find that a “sysdiagnose” rarely would provide any useful information. I would hate it when people (usually QA, and not the engineers who worked on the code) would ask me for a sysdiagnose, when I know it wouldn’t help them figure anything out.

Log duplicates. If you know someone else logged a bug, but you are encountering the same issue, then log the same bug. It will get marked as a duplicate, but this will help increase the priority of a bug. It is sad, but Apple does look at this, and bugs with “high dupe counts” are looked at.

References

Visible links
1. http://bugreport.apple.com/

HackerNewsBot debug: Calculated post rank: 87 - Loop: 119 - Rank min: 80 - Author rank: 142