Hacker News: tsally

New comment by tsally in "Tattoo Ink Nanoparticles Persist in Lymph Nodes (2017)"

tsally — Sun, 22 Jul 2018 01:56:51 +0000

It's been a while but last time I checked it was just a certain karma threshold. The idea was to prevent newly registered accounts from spamming downvotes.

But again, haven't actively participated in HN for a while. Things could be different now.

New comment by tsally in "Tattoo Ink Nanoparticles Persist in Lymph Nodes (2017)"

tsally — Sun, 22 Jul 2018 01:29:51 +0000

It's been at least three years since I've logged in, but I just did so to downvote your incredibly ignorant comment. Congrats.

New comment by tsally in "How much salary is enough? Apparently, $75,000/year"

tsally — Fri, 18 Jan 2013 22:55:10 +0000

Your numbers are off in essentially every area. Car payment is $200-$250 a month, insurance is $100 a month, gas is $50 a month, and call it an amortized $100 a month for repairs and other expenses. In total, an average car costs $500 a month. And never mind the cost for parking. In contrast, passes for public transportation cost somewhere from $50-$100, _but_ you can usually get them subsidized and/or pre-tax. In Boston, I'm able to get an unlimited pass through my employer for $35 pre-tax a month and my car costs me $500 post-tax a month. In major cities, cars are strictly a luxury. Note, I bought one a few months ago and couldn't be happier, but I'm under no illusions: it is a luxury.

New comment by tsally in "Now legal in the U.S.: Jailbreaking your iPhone, ripping a DVD for education"

tsally — Tue, 27 Jul 2010 00:34:30 +0000

It was already legal under the DMCA (at least, according to the spirit of the law). Apple and the RIAA just wanted you to believe otherwise. The language has simply been clarified so overzealous companies can't easily scare consumers.

New comment by tsally in "Growing Number of Prosecutions for Videotaping the Police"

tsally — Tue, 20 Jul 2010 13:49:45 +0000

not a lot of folks would want people videotaping everything they did at work

Did you know if you get a Top Secret clearance, you have to have anything related to your work release reviewed for the rest of your life? Being awarded privileges by the government comes with additional responsibility. Videotaping the police is the same as monitoring people who work with classified information; it's just part of the job. If someone is uncomfortable with that s/he should find a different job.

New comment by tsally in "Makani Power, a Google funded wind energy startup, comes out of stealth"

tsally — Sun, 18 Jul 2010 22:48:02 +0000

The anser to the FAQ "Will this harm birds or bats?" was obviously crafted with the careful help of a PR and Legal team. :-p

http://www.makanipower.com/faq/faq/#2

New comment by tsally in "What a Programmer Sees When He Watches Inception"

tsally — Sun, 18 Jul 2010 18:29:05 +0000

You might be interested in reading this: http://en.wikipedia.org/wiki/Gender_in_English#Modern_Englis.... As third person singular personal pronouns, he and he/she are both acceptable in the dual gender case. If we're going to be strictly PC we should say gender-neutral, but A Comprehensive Grammar of the English Language was written in 1985, so I hope you let it pass. :)

New comment by tsally in "What a Programmer Sees When He Watches Inception"

tsally — Sun, 18 Jul 2010 18:23:23 +0000

Do you hold disdain for properly citing references in technical journals? The rational for proper quoting is the same.

New comment by tsally in "Do Schools Kill Creativity?"

tsally — Sun, 18 Jul 2010 15:03:14 +0000

I should have qualified. The only reason that might be reasonable to maintain a high GPA is an honors program or some other program with an arbitrary GPA requirement (i.e. 5 years BS/MS http://www.cs.vt.edu/undergraduate/degrees/5yr-BS-MS).

I will say that I started my college career in the honors program and on the 5 year BS/MS track. I just couldn't wait long enough to start doing real work. ;)

New comment by tsally in "Do Schools Kill Creativity?"

tsally — Sun, 18 Jul 2010 14:52:39 +0000

A note for when you go to college: On the surface college may seem like it rewards risk even less than high school. Don't be fooled. You just have to intelligently optimize your GPA (I wrote about optimization a bit here: http://news.ycombinator.com/item?id=1132222). If you take this approach, the challenge is no longer getting offered a job, but getting the interview in the first place. I've been offered a job for every interview I've had, but damn did I have to work hard to get my foot in the door. Once you DO get your foot in the door, you're pretty much guaranteed the job because your risk taking puts you many technical miles ahead of the competition. I hope (but have no empirical evidence yet) that the same effect will be true when applying to graduate school. Just use your ingenuity to get around the screening process. :)

EDIT: One last thing I thought of. You may be one of those people that will be able to get a 4.0 GPA and have time to work on creative processes. Your 4.0 GPA is still a waste of time. There is always more you can do that is ultimately more impressive than a high GPA (i.e. publishing in competitive conferences, starting a highly technical and useful open source project, working on the Linux/BSD kernel, etc).

New comment by tsally in "Black Hat Talk on Chinese Cyber Crime Pulled"

tsally — Fri, 16 Jul 2010 18:58:15 +0000

For that it's worth, the DoD doesn't actually define "cyber warfare". In fact, in 2006 it depreciated the concept of "information warfare" (http://www.dtic.mil/doctrine/new_pubs/jp3_13.pdf). The closest concept the DoD has is "cyber operations" which are meant to "operate and defend the Global Information Grid" (http://www.dtic.mil/doctrine/new_pubs/jp1_02.pdf). Personally I don't think Scheiner focused enough on the fact that "cyber war" is essentially a media construction.

New comment by tsally in "It’s Faster Because It’s C"

tsally — Wed, 14 Jul 2010 02:13:12 +0000

Err... why does the existence of shitty "C apps abound" have anything to do with how performant C programs are written?

New comment by tsally in "Ask HN: Daily schedule"

tsally — Sat, 10 Jul 2010 19:59:51 +0000

Similar discussion here: http://news.ycombinator.com/item?id=634986. My schedule is still similar, but I would be less social if I was trying to bootstrap. ;)

6:30AM Wake up, shower, eat breakfast, make coffee

7:30AM Catch the bus to work

5:00PM Finish work

5:07PM Catch bus home

6:00PM Get home, make more coffee, change clothes, eat dinner

6:15PM-10:00 Program or socialize. So far this has been a 50/50 split.

10:30PM Sleep

On weeekends I try to get up early and hit a coffee shop from 9:00-3:00. I get somewhere between 15-20 hours of programming in per week (outside of my job).

New comment by tsally in "Ask HN: How can I get the most out of SICP?"

tsally — Sun, 04 Jul 2010 08:11:26 +0000

You're going to be tempted to skip exercises because you think you understand the exercise or it is not applicable to you. Don't fall into this trap, as we humans are notoriously bad at judging what will and will not be useful for our own learning. Do all the exercises.

The two month time frame seems very optimistic unless SICP is one of your only responsibilities. It's my understanding that most semester courses that use/used the book usually never even get/got through the last chapter.

You might consider reading How to Design Programs (HtDP) as an alternative or supplement to SICP. The authors of HtDP have published a paper comparing the two works (mostly detailing the perceived shortcomings in SICP that motivated them to write HtDP in the first place). Read it here: http://www.ccs.neu.edu/scheme/pubs/jfp2004-fffk.pdf.

Good luck. :)

New comment by tsally in "The entire Steve Jobs email story... It's real"

tsally — Sat, 03 Jul 2010 20:22:58 +0000

Regardless of whether the exchange happened or not, the claim that "[the email headers] were legitimate, and that the entire thread would be extremely hard to fake, if not impossible" is an exaggeration. For reference, open up the headers of an email you've recently received from a Gmail address. Notice the DomainKey-Signature field?

  DomainKey-Signature: a=rsa-sha1; c=nofws;
          d=gmail.com; s=gamma;
          h=mime-version:in-reply-to:references:date:message-id:subject:from:to
           :content-type;
          b=IBLt9oYlFSwflVBrLP4Rq64gpUeIHJMkvAjbVoYin9vugJBa4E4hxqfKeFLp/Gw3XT
         2V/PR4M4M/Kz9CU8n7poGJ+JUBcxyT4LZc4SYNHTV1TD6nmk77Pvl7E7f8uY1sAMrR9c
         F+2HiY9MMKgb0SlPdRVqUUF0QX9XoQRzA3jFs=

That's there because Gmail (along with a few other providers such as Fastmail) implement what's called DomainKeys Identified Mail (http://en.wikipedia.org/wiki/DomainKeys_Identified_Mail). It can provide cryptographic assurance that the domain name associated with an email is valid. So using the DNS records on the Gmail domain, I can pull the public key and verify the cyptographic signature.

  mil:~ tim$ host -t txt gamma._domainkey.gmail.com
  gamma._domainkey.gmail.com descriptive text "k=rsa\; t=y\;   

  p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIhyR3oItOy22ZOaBrIVe9m/iME3RqOJeasANSpg2YTHTYV+Xtp4xwf5gTjCmHQEMOs0qYu0FYiNQPQo
  gJ2t0Mfx9zNu06rfRBDjiIU9tpx2T+NGlWZ8qhbiLo5By8apJavLyqTLavyP  
  Srvsx0B3YzC63T4Age2CDqZYA+OwSMWQIDAQAB"

If the signature is valid, I can be reasonably confident that the email is valid. (Note that some sort of DNS compromise or attack would allow an attacker to pass me a fake public key)

Now take a look back at the email headers in the article. There is no cryptographic signature that you can verify. Note that if these headers are made up, the forgery is quite good. There's even some nice SPF authentication going on in there. But it's not impossible to forge these headers. In a targeted attack, I could do just that. Depending on how much the guy got paid for the story, it might even be worth the time.

(If there's someone with domain knowledge/experience etc. in this area and has an addition or correction, I'd love to hear it)

New comment by tsally in "Ask HN: Are Web 2.0 "badges" played out?"

tsally — Sat, 03 Jul 2010 04:50:51 +0000

Not the right thing to be worried about. Once you've built your tech, consulting a designer and doing A/B testing on your website will take care of the rest.

New comment by tsally in "We will host The Pirate Bay inside the Swedish parliament"

tsally — Sat, 03 Jul 2010 04:45:17 +0000

As you say, legal torrents exist (indeed, many open source projects rely on torrents because they can't afford the bandwidth costs of direct download). Therefore, a torrent tracker has both legitimate and illegitimate uses. Similarly, I can find legal and illegal content via a Google search.

There isn't any ambiguity here. Torrents and web search are both multi-use technologies. In the case of multi-use technologies, we should prosecute the criminals based on their use of the technology in question.

New comment by tsally in "We will host The Pirate Bay inside the Swedish parliament"

tsally — Sat, 03 Jul 2010 02:08:20 +0000

Stealing a credit card is stealing in itself, you don't actually have to charge anything. The analogy isn't valid. The correct analogy is the fact that you can use Google to find numbers that look like credit card numbers. Similarly, hosting a copyrighted file is illegal. But providing the means in which to find said file is not.

There's a reason why the world should work this way. I can use a wide array of objects as a lock pick (i.e. a banana). To prosecute me for walking down the street with any of these objects (including actual lock picks) is just ludicrous. Hence why the law says that I actually have to demonstrate the intention to use a tool to steal something in order for it to be a crime. And in any case, the took maker is usually never liable.

It's a very simple idea. Prosecute the criminals, not the people who provide tools which might be used in a crime. Obviously there's an upper limit. For example, a grenade is a pretty unambiguous, single-use tool. That's why selling one is illegal. But most tools have many uses, some illegal and some not. It's an impossible task to go after the tool makers, so just go after the criminals.

New comment by tsally in "We will host The Pirate Bay inside the Swedish parliament"

tsally — Fri, 02 Jul 2010 20:22:02 +0000

Good thing you can't find copyright files to download via Google search. Otherwise it would be as bad as The Pirate Bay!

Enabling someone to break the law doesn't make the enabler culpable. We apply this standard to manufacturers of lock picks, crowbars, physical key-loggers, books detailing the security of computers, etc. I'm curious why you feel a different standard should apply to someone who provides hosting for torrent files. The onus is on the criminal, not those who provide tools which may or may not be used in a crime.

New comment by tsally in "Practicality: PHP vs Lisp"

tsally — Fri, 02 Jul 2010 19:26:26 +0000

As Mahmud mentioned, you still have to know where things are, who is working on what, what's maintained and what's obsoleted by what. Sure.. Based on your choice of packages, you aren't current with these things and consequently had a bad experience. I'd be really interested in a pointer to a production web application deployed on Weblocks, because I'm pretty sure there isn't one (or very few). The choice of CLSQL as the back-end is dubious as well.

In any case, I'm not a fan of using CL as the end to end solution for a web application. It performs far better as the middleware between the web front-end and dbase back-end. From my understanding, this is what ITA does (details in this thread: http://news.ycombinator.com/item?id=1479107). Who cares that you can't throw up a shiny front end right away if the code that does your business logic is an order of magnitude more shorter/powerful?