Hacker Newsnew | past | comments | ask | show | jobs | submit | alexjeffrey's commentslogin

in my experience, if you can grab a couple of not-too-underpriced gigs on a freelancing website (my preference is PeoplePerHour as it's less price-war-y) and can get a few regular clients from that, they'll be more happy to pay a reasonable fee for a reliable and familiar developer. Bear in mind that there are a LOT of unreliable and flaky developers on these sites so once you've proven your value to someone they'll be more likely to pay higher rates to retain you.


a cryptographically secure pseudorandom number generator would be nice, too.


Server-side js has that already. On the clientside it would be useless.


What about p2p?


There is a problem with JavaScript in that there is no security mechanism currently in place to ensure the JS file you are running is what you expect to be running.

Imagine your on your favourite social network that used a JS based encryption in a p2p chat to your friend. On that same page advertisers are pushing content to you. That content could be a malicious JS file which can eavesdrop on your conversation, all the while you think its encrypted.


Isn't crypto.getRandomValues created just for this purpose ?


for anyone else wanting to read Elon Musk's story in more depth, I can't recommend "The Engineer" by Erik Nordeus enough. He basically compiled titbits of information from various interviews and articles and reconstructed the timeline of Elon Musk's public life into a great biography.

https://leanpub.com/theengineer


Thank you!

/The author


Thank you for creating - looks like an interesting read. Just purchased.


no problem at all - thanks for all the hard work you put into the book!


white privilege? don't you mean anglocentricism? the bias would be equally present if Mark was African-American or Asian-American.


we still are - plenty of startups don't even start making money before they're acquired.


truly the most hipster art project of all time. I'd back it!


realistically you would want to use a merkle tree to hash the source, to make it more secure against a chosen plaintext collision, but aside from that this'd be a great addition.


No secure hash function has collisions, so it's not necessary.


Every hash function has collisions. It's just nearly impossible to find them if the hash function is secure.


... and it's impossible to know for sure that a hash is secure against collisions. For example, MD5 was the standard for hashing for quite some time but is considered broken today due to attacks that have since been discovered. By implementing the hashing using merkle trees, you increase the avalanche effect relative to the data, making it much harder to force a collision.


Obviously any compression function has collisions - this is a mathematical fact. What I mean with "no secure hash function has collisions" is that if you are using a secure hash function you shouldn't need extra defenses against collisions attacks as the "secure" in "secure hash function" implies those attacks are infeasible.


it should also be mentioned that Jerry's commentary is _hilarious_ - he's basically the SeaNanners of chess.


but with all the publicity surrounding their actions, will they become more well known which will in fact counteract their star rating on Yelp? My guess is yes.


I think there's also an appeal to certain types of businesses like restaurants when they don't act like corporate profit-maximizers.


you say that, but minecraft is worth actual money because it sells a product that lots of people want to buy and has a lot of potential for further attached products (servers, DLC, etc). A more apt comparison would be whatsapp/instagram/whatever ridiculous social app facebook is buying this week for $X billion, without any revenue or business model to speak of.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: