I'm pretty sure that most the programmers, who we consider to be at the top of the professional ladder, won't be able to check off even 30% of those "achievements".
Stick the word "nontrivial" on the rest of the achievements and that number will drop rapidly. CS students do a lot of these things, but often not with much depth.
> Which they did in order to show the obvious problem in a safe and entertaining way
And the "obvious" problem is...? The car electronics was showing they had charge for 30 miles. Sat-nav was telling them their destination is 60 miles away.
For me the conclusion is that for the math challenged, driving an electric car is an "obvious" problem.
Seriously? The problem is that range is rather limited, but more importantly, refill stations are hard to find and take a very long time to complete, compared to refilling a gas tank.
The only thing a site like this can "streamline" is the weeding out of the truly incompetent people, pretending to be programmers. But I'd argue that it's not a very hard task anyway.
So, while solving the challenges will be fun for the applicants, it doesn't seem like the service would be of much help to the companies.
Weeding out the truly incompetent people may not be hard but it's time consuming nonetheless. A phone screening may take anywhere from 30 to 60 minutes of the interviewer's time, regardless of the interviewee's competence. Multiply this with the number of candidate a company has to wade through for a single opening and it gets significant real soon.
They're probably not the new LinkedIn but I think they're into something.
That's $12-$24 per year, not month. And they can do it simply because of sheer volume. Everyone has to deal with passwords so their market is humongous. If you sell to teachers that's not the case.
Selling to 100 users inside of one company is a lot different than selling to 100 individual users scattered all over the place. Company IT is likely to be the first point-of-contact for issues, which would decrease LastPass's support requirements by quite a bit.
It's obviously not copy-paste and why would it be so hard to believe that both Goldman and Salomon had the same practices of removing authors names from papers?
The similarity between the stories struck me: particularly that they both stressed the point about reports being circulated with no authors at all... OK it doesn't prove that he made it all up, but I would be willing to bet some money on it.
Can anyone explain why would you want a password longer than 16 characters? Even if it's unsalted, all lowercase letters and md5 hashed, it's impossible to bruteforce crack it. And people who use 16 character passwords are unlikely to have them all-lowercase-lettered so it's even worse for the crackers.
Sure, the 16 char limit may be arbitrary but even if you make it 50, tomorrow some outraged blogger will be complaining that he can't enter his 100-character password.
A better question is> Why WOULDN'T I want a password longer than 16 chars?
The longer the password, the more secure I feel, even if it's one day leaked as an unsalted MD5. And I don't care whether I can remember it because my password manager has effectively superseded my memory.
There is no reason to put an upper limit to the password length.
Actually, you're right. For some reason, I was thinking that I have to pick a limit for the database field but, of course, the password is hashed so it doesn't matter how long it is.
I use 16 letter or longer all lowercase passwords. They're easy to type and easy to remember. For example, my HN password might be ishouldbemoreproductive. It's hard to crack, but doesn't require finger gymnastics to enter.
Actually, English phrases contain very little entropy -- as little as 0.6 bits per character. This is because the rules for what constitutes a valid word or phrase dramatically reduce the number of possible characters at a given position. To look at it another way: take an arbitrary string of letters. What's the probability that it forms a valid English word? Very low. Flipping this the other way, if we know that a password is constructed of English words, we can immediately throw out a vast majority of the search space simply because it contains substrings that never appear in real English text.
Here's a better way to construct a strong, yet memorable password:
Take a full sentence, including punctuation and capitalization. Use the first letter of each word as your password. For example, "I should go on Hacker News less frequently, because I'll be more productive." becomes "IsgoHNlf,bIbmp.". We now have three character classes in what appears to be a random sequence.
(Yes, this still has patterns due to being constructed from English. But we've effectively taken a longer English phrase, with higher total entropy, and compressed it into a string that doesn't exhibit the low per-character entropy of the full words.)
Obviously, there are rules for what constitutes a valid phrase, but they are rather complex for a password cracker to check.
My computer says there are 234979 words. Pick 5 and there are 716382975036689591261090899 combos. That is actually very very close to a 15 letter alphanumeric. 62 ^ 15 = 768909704948766668552634368.
I don't doubt that IsgoHNlf,bIbmp. is a secure password. But it's a bitch to type. Especially on a phone.
Yes, the mayhem at the beginning is expected but I'm curious if the trial/error process could actually bring some sound stable system at the end. I'm inclined to think that this won't happen because most of the people in the bitcoin "economy" have some serious dislike for central authorities. And it's hard to design a stable monetary system without some kind of regulation and more transparency.
Wanting to avoid single points of failure doesn't seem that strange to me. It's an engineering decision, not a political one. Central authority is just a central system to hack, or become corrupt.
You wouldn't let your business become reliant on a single-supplier part, why would you let it rely on a single-supplier currency?
Regulations are only worth as much as the authority regulating them, if that. Just look at the USA. All the laws required to stop the recent mortgage meltdown were already in place and could still be used, but won't be. What value do those unused regulations have? It's better to have less fake regulations and simply not depend on a non-existent safety net.
I'd suggest concentrating on the quality of work you will (hopefully) be offering, not the min project price. If I'm a potential employer I'm not thinking "Oh, God, I'm so desperate to find someone that will charge me at least $2K!". Yet, the price is the first thing you throw at my face.
I wish it was as easy as that. Real deadlines work because there is some external factor taking place. For example, you get fired by your boss if you don't put that important report on his desk by tomorrow. Or you'll be embarrassed if you don't keep the delivery deadline you've promised to a client.
When you're setting deadlines that only you know of, there is no possibility of getting "punished" so it's much easier to procrastinate.
If it works for you, cool, but I know it doesn't work for me and most likely it doesn't work for the majority of people.
