1. docker

Last 5 email alerts sent for docker on Hacker News

> I think it's odd to get hung up on prefixing your commands with "docker-compose exec" or ... We're already doing "bundle exec rails s" or "bundle exec capistrano production deploy" commands. So a "docker-compose up" shouldn't matter at all. To be fair, I've had frontenders complain that it was hard for them to remember the capistrano deploy commands. And that they'd love a GUI butten for deployments. Rather than just look at our wiki or write it down.
by ClikeX 2020-02-24 09:30:57 | link | parent | submission

I use docker-compose because it makes things easier and portable. Instead of opening four terminals and running ./manage.py runserver, npm run dev (twice) and hugo serve, and having project instances of Postgres, Redis and Celery running all the time, I just run docker compose up. I want to move to a new machine? docker-compose up. docker and docker-compose address blooming system complexity very well. I think that's more a reflection of the complexity than docker.
by oliwarner 2020-02-24 07:58:49 | link | parent | submission

> Why kubertetes vs docker? Docker is for building a computer program to run on a single computer. Kubernetes is for building a cluster, often across many computers with many programs. They work together.
by speedplane 2020-02-24 07:43:06 | link | parent | submission

> Does [Docker] make some things more difficult as this author says? At first, yes. As time moves forward you'll end up with many nock on effects that you can't get any other way. I agree that docker provides many efficiency improvements, especially with respect to testing, reproducing bugs, and deployment. But what about pure development of new features? In a bare-metal development environment, you just compile and run or launch a debugger. With docker, you need to compile, build a docker image, run the docker image, then launch your app/debugger. Would love to hear solutions on how to eliminate/ameliorate these additional steps.
by speedplane 2020-02-24 06:41:41 | link | parent | submission

2. Kubernetes

Last 5 email alerts sent for Kubernetes on Hacker News

It just seems like a whole lot of complexity that no one in our team understands especially well (it's another person in the team that does most of the kubernetes stuff). So far I have seen little benefit.
by collyw 2020-02-24 10:45:00 | link | parent | submission

> Why kubertetes vs docker? Docker is for building a computer program to run on a single computer. Kubernetes is for building a cluster, often across many computers with many programs. They work together.
by speedplane 2020-02-24 07:43:06 | link | parent | submission

> Kubernetes is the thing everyone will be moving away from in the next 5 years because it was too complicated for their purposes. Kubernetes solves a huge variety of problems with a single platform. In five years, Kubernetes will still be around, but there will be layers built on top of it that simplify common use-cases.
by speedplane 2020-02-24 07:37:44 | link | parent | submission

Kubernetes is the thing everyone will be moving away from in the next 5 years because it was too complicated for their purposes. The unfortunate ones that don't manage to move from it will be maintaining 5 year old kubernetes installations.
by aganame 2020-02-24 07:31:26 | link | parent | submission

this was exactly my point, if you are lucky and joined company which has high potential to grow and/or joined Google like companies with crunching lots of competitive programming problems (leetcode, hackerrank) then you might join teams where people work on kubernetes, large scale storage, low latency proxies and so on. Even though some of them are open source, it is not easy to do contributions after whole day of coding. I did this in the past, to become productive in projects like k8s you should invest a lot of your own time. At small scale k8s rarely fails and features out of box is enough for most companies, since you don't have large scale problems/experience it is difficult to come up with feature which could be useful for k8s community. this applies to other projects as well. Unless you are working full time on field, it's not easy to become expert in that field
by thrwlost 2020-02-24 07:25:39 | link | parent | submission

3. aws

Last 5 email alerts sent for aws on Hacker News

My understanding is that Ballerina has semantics for defining multiple services in the same program, and it “compiles” to a set of containers and cloud configs that allow these programs to talk to each other. So very basically it’s like putting Kubernetes or AWS into a language. But there documentation is pretty unclear as many others have noted so I really doubt my interpretation is precisely accurate.
by throwaway894345 2020-02-24 13:32:37 | link | parent | submission

> The signal servers don't even have that bit of metadata. See [1], they only store the last time that a user connected to the server. Note that it's what they claim at least. It's not verifiable client side, and to be honest, it's hard to come up with a scalable protocol where this is the case, but you should still not repeat their claim as a matter of fact while in reality we only have their word that the code actually matches what's deployed. And even if they don't store anything, AWS could still provide interested entities access to the infrastructure to capture what Signal doesn't want to capture. Yes, features like sealed sender are awesome and are an important step, but the service still gets ip addresses, which do provide hints about the sender. Again, likely Signal doesn't store ip addresses but people with access to their infrastructure could. Furthermore, Signal's encryption doesn't help against people storing all of Signal's traffic and waiting until attacks on crypto algorithms become practical (quantum computers, theoretical progress on attacks). Some secrets become irrelevant with time, others increase in value. The best defense is never having the message leave your country's network in the first place. And there's the DOS problem. What happens if the american president decides that the EU should be cut off from all US network connections? The EU parliament members can't even organize a good response to this because they use an american service...
by est31 2020-02-24 10:52:26 | link | parent | submission

I believe you may achieve the same result locally using https://github.com/openalpr/openalpr and cut your AWS and cell bills to exactly zero. It has Tesseract and OpenCV inside. Would love to see it as a part two of the article!
by SergeAx 2020-02-24 09:17:27 | link | parent | submission

Keep in mind that commercial databases are still substantially better for bulk data performance than most open source offerings, and tend to have better compatibility with other commercial databases. E.g.: Microsoft and Oracle are competitors, but it's always going to be a certainty that you can connect them directly to each other. Similarly, it's actually hard to beat MS SQL Server for OLTP workloads, especially at moderate (~1TB) scale or for ad-hoc queries that require parallelisation but not distribution to a cluster. In other words, it's great for "Medium Data". It does actually scale to large clusters with the new SQL Parallel Data Warehouse: https://docs.microsoft.com/en-us/sql/analytics-platform-syst... That's also available as an Azure service if you want to have a play: https://docs.microsoft.com/en-us/azure/sql-data-warehouse/sq... But realistically, distributed clusters are almost certainly not what you need. They're complex and slower for simple queries that could be answered by one box with a good indexing scheme. Just to reiterate: for large tables with hundreds of millions of rows, you want a modern, column-oriented database. I can't stress this enough: if you haven't yet played with SQL's ColumnStore, go spin up an instance in Azure or AWS and give it a go on one of your larger tables. It's crazy good. I've seen compression ratios of 50:1 and query performance improvements of 300:1 with basically zero hand-tuning of indexes or any such thing. There's a reason people pay $10k+ per core for Enterprise SQL Server licensing. But hey, if you're penny-pinching on a $10M project, then as I said, MySQL and PostgreSQL will work. They're better at replication, clustering, and MySQL (only) is better at low-latency for trivial queries. But they tend to be poor at connecting to commercial or otherwise quirky data sources. So then you'd probably have to layer something like Apache Drill on top: https://en.wikipedia.org/wiki/Apache_Drill
by jiggawatts 2020-02-24 07:58:22 | link | parent | submission

4. coreos

Last 5 email alerts sent for coreos on Hacker News

Support ends May 26 for CoreOS (www.theregister.co.uk)
by LinuxBender 2020-02-18 14:33:30 | comments

When my classmates preparing interview coding questions, I was working on a mini TCP implementation and a toy kernel. AWS rejected me since I failed to write prefect code to traverse a tree in level order. Google did not even give me an interview since I told the campus recruiter I have not prepared for the coding questions. Then I ended up with an internship at CoreOS and created etcd. I am glad that they did not hire me back then. Today, I am sure I still cannot pass the coding interview at "Giant Search and Advertising Company", but they run a lot of my code in production :P.
by ideal0227 2020-02-15 01:06:44 | link | parent | submission

Isn't GKE runs on CoreOS?
by Thaxll 2020-02-09 02:03:14 | link | parent | submission

Here's a nice article on CoreOS from 2013, just as they graduated from YC S13: https://www.wired.com/2013/08/coreos-the-new-linux/
by ignoramous 2020-02-08 22:45:42 | link | parent | submission

5. machine learning

Last 5 email alerts sent for machine learning on Hacker News

OCR itself is machine learning?
by mister_hn 2020-02-24 07:48:46 | link | parent | submission

Tesseract only does well if the input is clean, aligned, two tone image, already cut down -- but LPR images you get from a moving camera are anything but. Machine learning is a fine tool for this job. The specific machine learning setup is an overkill, though.
by beagle3 2020-02-24 07:36:10 | link | parent | submission

> you don't really know what you want and are waiting for A Vision that will inspire you I think this is true, to an extent. I want to become an expert at SOMETHING in programming but I have a hard time committing to one domain. Constantly plagued by FOMO. For example, if I were to deep dive into machine learning, I'd feel FOMO that I am not a robotics engineer, and couldn't code firmware well. Or If I became an expert at mobile development, I'd feel FOMO that I stumble to create a beautiful web app, etc. So yes, I don't really know what I want, and I'm waiting for a vision to inspire me.... Just as you put it. > waiting for the right wave to pick you up and sweep you into the future isn't really satisfying and so you're starting to feel burnout true. > your anxiety is rooted in uncertainty about where you're going and the feeling of futility that accompanies just swimming along with the current and never arriving anywhere in particular. There's a ton of truth in this statement. No doubt, it's the source of or a major contributor to, my angst.
by ubertoop 2020-02-24 03:52:58 | link | parent | submission

"Machine Learning" is the wrong tool for the job here. Tesseract OCR can do this, using only the Raspberry Pi, at a "good enough" framerate for any real driving situation.
by jlarocco 2020-02-24 01:33:11 | link | parent | submission

6. javascript

Last 5 email alerts sent for javascript on Hacker News

Due to the the lack of native strings in WebAssembly different Wasm compilers have different memory layouts and string encodings. For example assemblyscript uses ucs2 for the sake fo compatibility with JavaScript. This obliges to carefully work with memory bounds, string length estimation due to difference in host native and guest string encodings. For the specific goal of working with Strings in rust and assemblyscript I've created this project: https://github.com/onsails/wasmer-as .
by brainsmith 2020-02-24 12:21:01 | link | parent | submission

I agree. Most of my colleagues think I am quite a decent JavaScript programmer, but because I haven't got much commercial experience with React or Angular it is quite difficult to find a JavaScript role.
by uk_programmer 2020-02-24 12:15:01 | link | parent | submission

The language has a lot of syntactic compromises, because it has a design goal of being familiar to users of C-family languages like C, JavaScript, Java, C#, etc.
by jclark_th 2020-02-24 10:17:08 | link | parent | submission

> We've simply gotten used to them: Dealing with the idiosyncracies of bash, vi, or the JavaScript type system This stuck out to me, there seems to be a trend in UX/UI where any move away from the "simplest path" is seen as a huge negative. Could it be the case that we use these tools (especially UI patterns like vi) because after the learning curve the give a huge amount of value? It seems like we are assuming that we should make a developer tool with the same level of "immediate familliarity" that we try to build into a website where customers will bounce easily, for an audience who is willing to spend time learning a tool if it provides value to them.
by kurnikas 2020-02-24 09:44:14 | link | parent | submission

7. python

Last 5 email alerts sent for python on Hacker News

Sorry, maybe I have confused SourceGraph with https://searchcode.com , but last time I tried, it supports only most widely used languages such as Java, Python and so on, but not the language I use (Delphi/Object Pascal). I'm sorry if I'm wrong.
by edwinyzh 2020-02-24 13:33:56 | link | parent | submission

Sorry, maybe I have confused SourceGraph with https://searchcode.com , but last time I tried, it supports only most widely used languages such as Java, Python and so on, but not the language I use (Delphi/Object Pascal)
by edwinyzh 2020-02-24 13:33:37 | link | parent | submission

Python in Production (hynek.me)
by jp_sc 2020-02-24 12:42:01 | comments

there's always been something i wondered about swift : how does it compare to other PL in terms of performance ? The initial promise was to have it be comparable to other compiled languages ( java , c++, whatever), but i've yet to find a real benchmark. Or rather, the ones i've seen made it look more on the range of interpreted/dynamic languages ( ruby / python or node), at least for server side projects. Which came as a surprise to me. Has any real work been work on that issue somewhere ?
by bsaul 2020-02-24 12:40:33 | link | parent | submission

8. ios

Last 5 email alerts sent for ios on Hacker News

Signal provides reproducible builds these days: https://signal.org/blog/reproducible-android/ Not sure how feasible this is on iOS (with Bitcode).
by lxgr 2020-02-24 14:26:00 | link | parent | submission

Yes. The company I work for has various native, Xamarin, and React Native apps for iOS and Android (and Windows Phone..). We've used React Native on all of our new projects for about a year now, and it's working very well.
by onion2k 2020-02-24 13:40:59 | link | parent | submission

Now the staff who use iOS are going to be pissed when they find out chats cannot be backed up or transferred to another device and that rejoining groups on a new device is going to be painful. That’s assuming message delivery works fine and that inadvertent “device changed” notifications don’t pop up when nothing has changed. I’d bet that these people will soon find different ways to communicate just to avoid some pains and probably put up a pretense of using Signal.
by newscracker 2020-02-24 12:49:58 | link | parent | submission

I guess many just aren't paying attention to iOS land: https://support.apple.com/en-us/HT210918
by pjmlp 2020-02-24 12:30:13 | link | parent | submission

I compiled Signal for iOS and monitored the sent data through a proxy. Both behave identical. There could be a hidden switch in the distributed binaries that triggers other behavior, but I really doubt it. For Android, there are reproducible builds so you can actually check the code is the same. For iOS reproducible builds are harder but should still be possible.
by rawfan 2020-02-24 12:25:38 | link | parent | submission

9. bitcoin

Last 5 email alerts sent for bitcoin on Hacker News

>The difference is how malleable the internet infrastructure is compared to the real world. Just put up cameras with facial recognition everywhere, require every citizen to have biometric IDs (face from multiple angles, fingerprints, DNA), make covering your face illegal and bam you catch like 99% of bike thieves. >Would ransomware have taken off like it has without bitcoin? Probably, yeah. Gift cards work well too for example (they're just not as convenient), and I'm sure there are plenty of other ways to transfer money too if you're willing to incur like 50% transaction losses. >Is there some technical change to bitcoin that could make it less attractive to bad guys? Bitcoin already tracks every transaction ever. You'd have to somehow prevent mixers from existing, but I'm not sure how that'd be possible.
by pingyong 2020-02-24 13:18:13 | link | parent | submission

The first ransomware payment I saw predated Bitcoin, and had the victims use a Western Union money order. It's definitely an inhibitor for the attacker. For a start, it took days for them to get payment. The current "our Onion site will detect the payment and release keys automatically" took a human workflow, which had to impact their scale. I have no doubt some sort of mule received the payment, but it's still much more traceable if overseas LE actually wanted to investigate. And managing that mule again had to hurt scale. The amount of ransomware we see today could never have happened without Bitcoin.
by technion 2020-02-24 10:23:40 | link | parent | submission

Do they still use Bitcoin in the face of alternatives like Monero?
by paulryanrogers 2020-02-24 01:55:59 | link | parent | submission

Yeah, I think it does point to a fundamental problem in our society. Check out your local Nextdoor and I think you’ll find people calling for very harsh punishment of bike thieves. The difference is how malleable the internet infrastructure is compared to the real world. Would ransomware have taken off like it has without bitcoin? Is there some technical change to bitcoin that could make it less attractive to bad guys?
by eli 2020-02-24 01:12:21 | link | parent | submission

Fantastic write-up, I really enjoyed all of the details on how the forensics are done for these cases. Certainly a good reminder to make frequent air-gapped backups of any mission-critical machines on the network. And even with those, as the author points out, rebuild time and effort could be horrible. Steve Gibson has been heavily covering the increase in ransomeware on his excellent podcast Security Now. From SN I’ve learned some interesting points, including that Ransomeware-as-a-Service is now definitely a thing. There have been a few major operations which hand out ransomeware packages to unethical hackers in exchange for a % of the Bitcoin they collect. I can only see ransomeware becoming more and more of a problem in the future, though I certainly hope I’m wrong.
by hanklazard 2020-02-23 23:17:37 | link | parent | submission

10. ruby

Last 5 email alerts sent for ruby on Hacker News

Well, I think a book to motivate you and get you out there, making something the quickest, is RE:WORK. It was written by the Ruby on Rails creator and his co founder at Basecamp. It’s pretty different than most books and most ideas are 1-2 pages long and I found that it got me motivated to build faster than any other book.
by elamje 2019-04-20 17:05:49 | link | parent | submission

> everything compiles to the same assembler code so lets not pretend these languages are doing magical things. They don‘t and many of the dynamic features of Python (and Ruby) cannot be efficiently compiled. That‘s why it relies heavily on C modules.
by quonn 2019-04-20 16:01:12 | link | parent | submission

>It's also why you don't get multi-line lambdas. Everything is a compromise. Arguably too much of a compromise. This is just Guido doing a "because I say so" and imposing his bias against functional programming. Give me a properly-designed language like Ruby any day over Python's bag of compromises.
by cutler 2019-04-20 15:30:56 | link | parent | submission

Some of the simple words and their prominence can be amusingly informative, though. Take data structures for example. "string", "array", and "object" are about as equally prominent in both JavaScript and Ruby (where the dictionary is called "hash"). In Python, however, "string" and "list" far outweigh "dictionary" and "object", which probably says something about what kind of data structures Python developers deal with the most in their lives. Meanwhile, C# and Java seem to be all about strings -- Are people just casting everything to string because they don't want to deal with strict types? -- and PHP is the only language where more people feel like they need to ask about arrays than they do about strings. Which is not surprising since PHP uses arrays for basically everything.
by kijin 2019-04-20 14:58:07 | link | parent | submission

>To me, it feels that there is a very thick wall in between high level languages and something with raw data access like C, C++, and D. That is why we need something that offer 80% the Speed of C, 80% of Simplicity / expressiveness of Javascript / Ruby, and 80% of ease of long term maintenance of a functional PL like Ocaml.
by ksec 2019-04-20 14:38:31 | link | parent | submission