Hacker Newsnew | past | comments | ask | show | jobs | submit | throwawaysnipe's commentslogin

Did Heroku make a mistake? Yes. Did they mislead and lie to their customers? Yes. But is it worth pursuing a class action lawsuit that could ultimately ruin them - if not financially, but force their mgmt team to focus on this damn suit rather than fixing the damn problems? Hells no.

Nice template for an emotional appeal you've got there, dawg (seriously, wtf are you going for with the vernacular embellishments)

Your argument justifies malfeasance without penalty for any entity. Swap out 'Heroku' for Monsanto, Microsoft, or banks that launder money for drug cartels and read it again. See if you still buy the reasoning. If misleading and lying to customers (your words) isn't enough for a lawsuit, what is?

(Not saying Heroku is equivalent to any of the above companies, just illustrating the lack of reason in parent post).


Some replies to parent dispute the 'police state' moniker. Decide for yourself:

(Source: http://www.hrw.org/world-report/2013/country-chapters/singap... . Points below are all direct quotes)

* Singapore's Internal Security Act (ISA) and Criminal Law (Temporary Provisions) Act permit the authorities to arrest and detain suspects for virtually unlimited periods of time without charge or judicial review.

* The Misuse of Drugs Act permits the authorities to confine suspected drug users in "rehabilitation" centers for up to three years without trial.

* Outdoor gatherings of five or more persons still require police permits. The city-state's Speakers Corner -- where people may demonstrate, perform, and hold exhibitions -- remains the only outdoor space where uncensored speech is allowed in the country.

* The Singaporean government and senior government officials have frequently brought charges of "scandalizing the court," criminal and civil defamation, and sedition to silence and even bankrupt its critics.

* Singapore's 208,000 foreign domestic workers are still excluded from the Employment Act and key labor protections, such as limits on daily work hours.

* Human rights defenders in Singapore risk being fined, imprisoned, bankrupted, and banned from traveling outside the country without government approval.


While these aren't good, they don't refute the commonly held belief that Singapore is essentially free from corruption.

Human rights is another issue and on this they do very badly. They are among the worst places in the World to get arrested for basically anything and they have harsh laws that restrict all sorts of personal freedoms. But that's not corruption.


It's only free from corruption on the indices because financial crime is legalized (the victims are overseas in places like Burma, where their clients extract ill-gotten gains to launder in the Singapore markets) and the government, which came to power on a platform of communism and claims to be a democracy, is in fact a well established, dynastically-held totalitarian state with hopelessly enslaved (believe they are free) citizens.


That would explain why the same party has won every single election since independence.


And it explains the large overlap among executives of large companies, military brass, and government ministers. They are all the same people: literally a guy is a CEO, because he is also a general and last year he was Minister for Whatever.

I still laugh about the interview I saw with Lee Hsien Loong in which the obsequious (although perhaps rather clever) interviewer asked him whether he had been upset when Goh Chok Tong had immediately succeeded Lee Kwan Yew (Hsien Loong's father) as PM. LHL squirmed and laughed nervously, and stammered, "Well, ah, of course not. One cannot have unreasonable expectations." Even he was embarrassed for his country then.


Can you give some examples of legal financial crimes? Not saying you're wrong, I've just never heard that. I know they are a tax haven and have lax financial controls, but the "victims" of that are the tax man in foreign governments.


I am talking about, for example, laundering money for the Burmese junta, who routinely censor, enslave, imprison, rape and kill their own citizens.

eg. "In 1991, the Junta laundered $400 million through a Singapore bank as down payment for Chinese weapons." - Jane's Intelligence Review ... or see http://www.theonlinecitizen.com/2007/09/singapores-debt-of-h...


Well, the article in no way actually implies corruption.

If the men in power decided that Shane's death needed to be covered up, and the men in uniforms followed orders - then that is exactly how a non-corrupt police state works; you have strict order but that order doesn't neccessarily favor the people.

A corrupt state would have the relevant police officer be bribed individually and/or extracting favors from the relatives; corruption requires weak structure, where the system is centralised in theory but decentralised in practice, as decisions are made or changed by corrupt officials. But if the authority decides to do an evil thing and the system executes it without question - then that's a perfect example of an efficient, noncorrupt police state that achieves it's goals and spits at the costs.


If the men in power decided the death needs to be covered up, that is exactly evidence of corruption - it's just high-level corruption and not low-level.

Mexico is an example of a country with a lot of low-level corruption (you can bribe the police to get out of anything). The United States is an example of a country with very little low-level corruption, but with (arguably) lots of high-level corruption.

Singapore is a country with almost non-existant low level corruption in my experience (i lived there for a time and have visited many times), and their system is specifically designed to eliminate high-level corruption: they pay public servants high salaries and punish any corruption with very long prison sentences.


It's high level corruption if a ranking official enriches himself to harm the state/government. It's [efficient, non-corrupt but still] dictatorship if a ranking official says "ends justify means" and is ready to harm citizens if it's useful for state/government/military goals.


>If the men in power decided the death needs to be covered up, that is exactly evidence of corruption - it's just high-level corruption and not low-level.

Not if the high-level law permits this kind of thing.


The common view among Singaporean laymen is that high-level officers have little reason to be corrupt, as they pay themselves high salaries benchmarked to the top four earners in six professions [1], aimed at keeping top talent in politics and the civil service.

Whether the men in power are making the morally/ethically-correct decisions regarding this case is a separate matter altogether.

[1] http://en.wikipedia.org/wiki/Cabinet_of_Singapore#Remunerati...


Are you suggesting its legal for corporate intersts to kill people in Singapore (or anywhere)? Think we'll need a citation for that...


Corporate interests? In a lot of cases and places, corporate interests are one with those of the state.

What I suggest is that the legal structure of a state might give it the option to approve and perform those things. You'd be surprised how many western countries have also invaded places or killed people for specific corporate interests that coincide with those of the state.

It's not as if they do it for the benefit of some small company. We're talking corporations with the level of influence and budget that's bigger than a lot of countries.


While Singapore may be largely perceived by the world to be free from corruption, one of the officers from the Corrupt Practices Investigation Board was recently investigated for "financial impropriety" [1]. (Which brings to mind a case of "Quis custodiet ipsos custodes?")

At least they did something about it.

[1]: http://www.channelnewsasia.com/stories/singaporelocalnews/vi...


That OP is cherrypicking is obvious, but his web shop example is particularly brazen.

Google for 'django consulting' also turns up on first page:

http://www.comfychairconsulting.com/

http://tivix.com/

http://www.caktusgroup.com/


Linkbait with a main course of generalization and ample sides of selection bias. OP is a Python/Django shop -- if this is intended as a call to arms it is severely misguided.

What does web design have to do with the actual languages? All you've proven is that Ruby developers spend more time on HTML and CSS.

With regard to docs, as of May 2011

  "With revision 31499 of trunk RDoc reports that just 
  under half of ruby has not even a single character of
  comments with over half of the classes and modules
  missing documentation"
Source: http://blog.segment7.net/2011/05/09/ruby-1-9-3-documentation...

Given finite developer resources, I'd rather have docs over shiny. The Python community has its priorities straight.


The e-mail heavily implies that the security breach was CouchDB's fault instead of those who were administering that Couch server.

Deliberate passing the buck or accidental bad choice of words?


I think more of a serious gut check for anyone who's deliberately exposing a CouchDB server to the web because it contains all or mostly public data.


My bad, just realized you aren't e-mail writer or npm admin. Thrown off by gist author.

Deliberately exposing anything to the web should come with lots of... wait for it... deliberation. The npm guy is a core community member; this incident shows a lot of sloppiness and doesn't inspire faith.


"Humans weren't meant to do that."

You sound rather defeatist for someone who's on Hacker News. Here's a tip. Create a pattern of sorts, example follows:

    1. Choose a keyboard sequence: say qwerhjkl
    2. Pick 1 < 5 < N.  Use the first N characters of the site/service, followed by N.  npm3qwerhjkl
You now have multiple passwords with an easy mnemonic. The above example may be too obvious a pattern to crack, so come up with a better one.


Hear, hear.

There are so many ways you can do this. It's fast, easy, yet completely unintelligible to a human. My personal favorite is to convolve it with a spatial pattern, like typing the password out in Dvorak while using qwerty. Or use each finger in sequence, with each finger taking a choice of the four keys near it depending on where the site name's letters are (i.e. ycombinator = 1xefmko.qwe).

I find it also helps to have three standard versions - a standard that may contain special characters, one that is guaranteed not to, and second that acts as a fail-safe in the event the password has tight length or character constraints.

It only sounds convoluted - the rules are simple and easy to memorize, and damnably difficult to see a pattern in outside of brute-forcing.


I disagree.

Once you've broken dictionary attacks I think the next goal should be to increase length as easily a possibly.

Personally I prefer a standard prefix/postfix with with a variable competent generated from the site name or url.

This allows you to use different standard substings for different sites depending on their importance. Since the substring can include the dictionary breaking portion you are free to use less complicated generation patterns for the variable part.

The end result should be longer passwords.


"Your posts in support of Apple are so breathless. I don't want to go all ad hom, but this is a little...much."

At the time of writing, nirvana has written comments on this post totalling 3931 words, most of which defend either Apple or Jobs. Don't play chess with pigeons.


A biography is not a hagiography. If Gruber wants the latter, he can write one. He already has a lot of material for it.


You can watch The Daily Show on the site proper by setting the X-Forwarded-For header you send to '12.13.14.15'. For more details see http://www.reddit.com/r/videos/comments/onath/stephen_colber...


You're right, and the name has already been chosen: Protecting Children From Internet Pornographers Act of 2011

http://thomas.loc.gov/cgi-bin/bdquery/z?d112:HR01981:@@@L...;


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: