Hacker News new | past | comments | ask | show | jobs | submit | jsiepkes's comments login

I truely feel for the guy.

Reading the blog it seems like the age old story of having a superior product (drastically cut cost, better performance, etc.). However getting managers at customers to stick their neck out for it is hard. Because they know (and to a degree I can't say I blame them) changing such a critical piece of core infrastructure is going to be stressful. And what's in it for them if the company saves some money it is currently happy to spend? If it fails they sure do know what's in it for them... So big chance they'll just stick with the properietary solution they already have.

EDIT: I should add I think there is also another dimension to this. Things that currently work and "only" cost money are a problem solved for a company. If they have to change it they have to spend their "intelectual budget" on it. Meaning resources like technical people which are probably already scarce and working on other project need to be assigned to it.

Proprietary solution never cost "only" money. You generally have to negotiate licensing, then you have to renegotiate licensing when you need to make a change (or when you current terms expire). You have to invest effort into understanding your license (Open Source licenses are usually at least somewhat standardized and usually a lot short than proprietary licenses). Finally, the big kicker is vendor lock-in. If the vendor doesn't want to or can't support you business anymore, you have no choice but to replace their software. If the vendor want to change their terms, you can't find some one else to support you. If a vendor changes the product, you can't fork it to continue using it the way you need to.

I have never seen a proprietary software product that "only" cost money.

I think this misses the point, though-- no matter how true it is.

The costs associated with procuring the existing, proprietary solution are understood and accepted. If it goes wrong, it's a risk that the organization has collectively selected together.

Advocating for doing something cheaper doesn't gain any individual person that much necessarily, and incurs outsized risk. It also incurs a lot of explicit, poorly-understood costs outside of those already accepted and recurring costs.

Selling any sort of change to any company is usually very hard. It has nothing to do with proprietary versus open source. Open Source is a major selling point, and the Open Source community can/needs to do better explaining the value proposition of Open Source. That is why companies that wish to sell change employ salespeople.

Right. I don't think anyone else in this thread really said that it had something to do with proprietary vs. open source or even very much to do with free-as-in-beer vs. costly.

Companies choosing a piece of software is more than the quality of the software. A superior piece of software isn't enough.

For example, many companies want (and sometimes require) the ability to have a support contract with developers for things this critical. The people making these decisions may not even be technical and close to the system within the management structure.

Companies also may have rules and requirements that govern who they can pay and how. For example, just donating money to a developer some developers in their company like or use the software of isn't going to fly. In some countries it may not even be legal. Sometimes you need to run things as a business and jump through some hoops to make it all work financially and without burn out.

Some of this is just how the business world works. With so many businesses in so many different legal jurisdictions there's almost no way to change the system.

Skilled trades people who strike out on their own have to learn enough business to operate. It's not just about doing their skill. There's a fair amount of mentoring that happens to help people learn that stuff. Maybe we need more of that in software.

>>>> Things that currently work and "only" cost money are a problem solved for a company. If they have to change it they have to spend their "intelectual budget" on it. Meaning resources like technical people which are probably already scarce and working on other project need to be assigned to it.

This is on the mark. This is why "upgrading" anything is hard. Stuff already implemented and being used has an inertia, which is very hard to overcome.

Saw the headline and the first thing I thought was: "Because the diabetes from their sugar consumption gets them first".

Was quite surprised the video actually openend with adressing this.

What you are leaving out is that this system was the reaction to a massive fraud before it.

The same politicians who were screaming for a thougher stance on fraud are the same one now asking why there was such a though stance (Omtzigt being a good example).

The fraud encompassed people from mainly eastern European countries (mainly Bulgaria, hence it is known as the "Bulgarenfraude" [1]) coming to the Netherlands, claiming (and getting) all kinds of benefits and then returning to their home country. By the time the tax service figured out they weren't entitled to the money they couldn't reclaim it because they were gone. It was basically a free money handout for them.

Also a good deal of the people who got caught bitten by the thougher stance did actually commit fraud. At least the shady agencies which handled the benefits for these people (which those people themselves chose). Examples of these shady practices included things such as artifically inflating costs by making up expenses.

EDIT: It is also interesting to note that the husband of the lawyer who got this ball rolling was the owner of such an agency. Numerious structural inconsistencies were found when this agency was investigated (structural falsification of hourly stats and so on)[2]. Basically what they did was telling people: "Does your kid sometimes stay at a familiy member? Well we think we found a way so you can get money for that" and then they handled the paper work and got a comission. That might have been the letter of the law but was definitly not the spirit of the law.

[1] https://nl.wikipedia.org/wiki/Bulgarenfraude

[2] https://www.tweedekamer.nl/downloads/document?id=3be75800-fb...

I didn't really leave it out, I just don't think it's relevant.

I don't think knowingly persecuting citizens (in bulk!) for something they did not commit is something that ever should happen. The tax service literally flagged people based on nothing and then pushed on without listening to any arguments from their side. This is not "tougher on fraud". This is just pure bullying to inflate "frauds caught" numbers, helped by the "guilty unless proven innocent" policy which is really unfair. Many of these innocent people are still waiting for compensation!

Of course there were some that did commit fraud. And the current privatised system is really prone to abuse anyway. With the old state-run system every healthcare was given 'in kind' and there was no need for financial reimbursements. They should take money loop out of the system again. Then there will be no more scope for abuse in this way. All these dodgy agencies only cropped up to take advantage of the privatised system. And in many cases parents were not aware of their dodgy nature - in any case those agencies should be the ones being prosecuted, not the parents.

But no real systemic changes were made. An apology to those affected, some promises for compensation they're still waiting on. And things are back as they always were.

> But no real systemic changes were made. > [...] > They should take money loop out of the system again.

Apparantly you missed the fact that the whole child day-care compensation system is going to be changed [1]. Parents will no longer receive money but the money will go directly to the day-care (and eventually 100% of the costs will be covered).

> This is just pure bullying to inflate "frauds caught" numbers

I can't find any source that says so (and you don't provide a source). The only reason mentioned anywhere was the tax service thought the law compelled them to come down hard on fraud [2]. This interperation was later confirmed by the courts. It was only much later that the court made a U-turn on that decision.

> I didn't really leave it out, I just don't think it's relevant.

It's relevant because the laws which caused all this (which the tax service interperted as "we are compelled to come down hard on fraud") were a direct result of that fraud [2].

[1] https://www.nrc.nl/nieuws/2021/12/13/formatieblog-13-decembe...

[2] https://decorrespondent.nl/12103/lees-of-luister-hier-gratis...

With the bullying I refer to the tax service employees celebrating "afpakjesdag" ("taking away day"). It sounds like anything but normal professional behaviour with the citizen's rights in mind. It sounds like bureaucracy gone unchecked, serving its own goals. They also frustrated affected parents by sending them highly censored documents that didn't help them at all. The goals I have to admit were an assumption. But why would they celebrate it as a "win" otherwise?

I didn't know about the court ruling but I would trust that no court would mandate fining innocent people, otherwise there's an even bigger problem. I imagine they overinterpreted or used this as an excuse. The tax office also feels free to ignore laws, like GDPR (AVG) which they were way too late in complying with. So why obey this one so strictly?

I also didn't know that this would now be direct billed no. I don't live in the Netherlands anymore. And I don't have kids so I was never impacted. I just know what I've seen in mainstream media around the time of the inquiry. But it sounds like this should have been done right from the start.

And I think the "omgekeerde bewijslast" should be changed to normal criminal rules of "innocent until proven guilty". This is what I was referring to when saying no changes were made. This particular issue has been addressed by the direct billing but the systemic failures that led to it all running out of control have not been. It could all happen again with some other process.

You clearly know more about the ins and outs of this than me though, and I wasn't aware of the court decision or the direct billing, and only vaguely of the original fraud scandal that led to this. And I have made some assumptions about the goals. I just can't see how else they would have gone this far and celebrated it. I'm sorry for these errors. But I still think this was a serious failure of the system and the fact that a government fell over it shows I'm not the only one.

I don't think the business model of Google and Facebook allows such a thing.

Now you're getting to the spirit of the legislation.

I thought the spirit of the law was to annoy users, who don't care about being tracked, with popups.

The spirit of the law is to protect users. The spirit of the interpretation is malicious compliance designed to annoy users into advocating against their own rights and interests.

I'm a user. I don't like being tracked. Now what?

> - NFTs are not a good investment

Why would anyone think a silly picture of an ape would ever be a good investment?

I fully understand that something is "worth 300 bucks" if everyone agrees it's worth 300 bucks. I also understand that Apple stock is also overpriced but in the end there is a big gap between an overpriced stock and a silly picture of an ape...

> Why would anyone think a silly picture of an ape would ever be a good investment?

Well, it depends on the investment horizon you are looking for.

Long-term? Fully agreed, betting on a random picture of an ape as a long-term investment is rather silly, unless you either treating it as a lottery ticket or know something others don’t.

Short-term? I can easily see why someone would think it is a good investment. There is a hype going around NFTs right now, they routinely go up in price significantly, and if you want to have your chance at a risky short-term play, then why not. As long as you recognize that it is very high risk (with a high chance of your investment not panning out), and you are willing to drop some spare money on it (and being fully ok with losing them), then I don’t see any harm in it.

Note: I primarily defend it from a risky short-term investment point of view. Because while I own no NFTs and have zero desire to do so, I regularly do small short-term risky investments by playing weekly OTM stock options. No, i am not hoping to become rich off of that. But it is a fun way to break up the routine, learn more about technical fundamentals, and I am still net positive on those risky plays. Though to underline, this is a tiny portion of my portfolio, and one should not treat very high risk plays (regardless of whether it is NFTs or OTM weeklies) as a basis for one’s portfolio. Moderation and not building up illusions of the high likelihood of success with those types of high-risk investments are the key.

The simple fact is that some people have a lot of ETH that they did not get at the current market price.

Those people will pay a lot of ETH for something that when you convert it to $ seems to make no sense but if you look through the lens of "I have done extremely well already and this whole thing is an experimental platform" then it starts to justify why some people pay seemingly absurd amounts of "money" for what everyone who's "in on it" knows is basically just a cool digital trinket.

ie. If you bought 100 pebbles for $1 you'd probably trade me one of your pebbles for a nice drawing I made. The fact that pebbles are now $100 ea. is irrelevant because you're happy enough to just sell a single pebble and get $100 back and then do fun stuff with the 99 remaining pebbles.

I've never thought of it from this angle at all, but suddenly everything starts making even more sense now. Thanks for posting this, because in countless threads and discussions on the topic, I haven't seen anyone mentioning it.

> they routinely go up in price significantly

Since NFTs are so easy to mint, I'm not convinced these aren't almost all fake sales that drum-up interest in NFTs in order to sell the cheaper ones.

Apples stock actually has a low PE ratio of 30ish, suggesting it's well priced (a tad over twenty but in a market where everything is 30ish PE or worse).

PE ratio is probably the best metric for what is or isn't overpriced.

With huge amount of cash, well positioned in market and so on.

Tesla should really be the example of overpriced tech stock...

Does anyone know how many players have actually declined to play in Qatar because of this modern day slavery?

Can't be that many because I haven't seen any news about it.

I haven't heard anything like that. Seems like the world cup is just going to continue like it always does.

That 400 million dollars of potential prize money, excluding all the extra ad revenue players might receive for wearing a particular brand of shoe or drinking a particular beverage, is enough to evaporate any morals. There's also the prestige factor, the dream of being crowned the best of the best.

I've heard some stories of teams considering a boycot, but very few of those teams had any chance in getting through the qualification round. It's very easy to boycot an event you don't take part in.

For the sake of sports, soccer teams have ignored the horrid treatment of the locals many times over. FIFA is corrupt beyond saving and the Olympic Committee isn't much different. The real game being played is that of the corrupt, taking money to ensure coca cola and friends can sell ads to enough people.

We've seen massive changes in platform culture online when advertisers got scared of being associated with bad stuff, like with Elsagate on YouTube, so I think the only way to get anyone to care is to threaten the income of the parties involved. Treat any advertisement on Qatar 2022 as an endorsement of modern day slavery and be sure to let the web know how you feel. Maybe, just maybe, when the big companies start to pull out, the teams and players will suddenly find their morals again.

To be cynical about it, principles don't buy you Bentleys nor does it attract trophy wives. Not that I'm saying I'm superior, I also like money and the comfort it brings me, in the current system that rules the world.

Sibling comment has been modded to death by talking about players coming from countries with slavery, that seems over the top, but another online comment I've read is that in the Middle East, slavery is right there, meanwhile in the West there is a bit of distance. Who makes your clothes (probably underpaid Bangladeshi, or nowadays, Ughyurs), who makes your electronics (probably Chinese factory workers in not-so-great conditions), or who mined the minerals needed for them?

On the other hand, the players whose decision to boycott the games would have the intended effect of bringing some of the corruption to light and putting pressure on FIFA to not do something similar again almost certainly already have enough money to buy Bentleys and attract trophy wives.

So, if a star player really feels a certain way about this, I'm not sure the money has as much sway over them as it would over someone else, like you or me, or some lesser known player (whose boycott would have much less effect).

A lot of these players are young, almost children, that have dreamed of playing in the world cup their entire life. If they're lucky and incredibly talented they can expect to get another opportunity, but I don't think it's fair to put the onus on them to boycott.

I don't see why working hard and having dreams exempt people from making moral choices. Aside from the fact they have already earned millions. So I don't think it's quite that dramatic.

Don't forget that pension funds are also share holders. People lose theirs jobs because hedge-funds funded by Dutch pension funds trash companies for share holder value (V&D is a good example, look it up). The biggest irony is unions crying foul about hedge-funds but unions stay very silent about the fact that they fund pension funds...

While the government might not always have your best interest at heart unions certainly also have agenda's of their own. Forcing everyone in to pension funds that have:

* Not adjusted for inflation for ages; * Increased the age at which you get your pension with 5 -8 years; * Increased the amount you have to contribute to the pension fund;

So basically every year you get less, have to work longer and pay more.

Since the people who now get a pension don't want to make the necessary changes to the system (can't even say I blame them) I seriously doubt if in 30 - 40 years when I'm supposed to get a pension there is going to be anything left.

And that's not even taking in to account incidents like pension funds where the piggy bank gets plundered due to the incompetence of unions and participants [1]. When they fly the proverbial plane in to the ground you are forced to go down with them.

[1] https://www.rijnmond.nl/nieuws/130172/Hoe-de-haven-miljoenen...

Supposedly we also live longer.

Living longer is an excuse that only covers for the increasing of age at which you are allowed to retire. My grandfather retired at 59 (lived to be 89 btw). My retirement age is set to 69.

That still leaves problems like not correcting for inflation and increasing the pension contributions unexplained.

The pension system in it's current form is not sustainble forever because you need a multitude of people working vs people who are retired. It's a pyramid.

The solution is rather obvious; People should save for their individual retirement. But since the people who are now retired (or going to in the next 10 years) don't want to change the system (can't say I blame them) the measures that need to be taken are never going to be taken. Because there will forver be "people who are going to retire in the next 10 years".

59 years, like Greece had. Doesn't work, not enough labour years.

Pension funds a pyramid scheme, lol. Pension funds invest the money (not with high risk, but they can take some risks cause of the long tail) so you get more back than if you would save the money on bank. Even more so today than when banks still provided interest. They are also legally bound to have a minimum percentage of the funds, which is close to 100% (but not 100% which is OK since not whole population reaches retirement at same time).

Some people will claim they're better with investing and speculation. Great! Earn your bacon with it or make it your hobby for all I care. Some funny people will play the cryptocurrency game (no problem) and convince others to join the pyramid scheme (fuck that). Someone's always funding that as it is a zero sum game.

> Since minting such a big project is a race of fast fingers, a lot of people didn’t pay attention to what is going on.

Seems to me the thing that was exploited was one of the oldest things in existence to exploit: Human greed.

I don't really see how the Log4J2 issue would have been uncovered by testing. It's not really a bug but more of a design flaw.

The reason is that the whole JNDI string interpolation feature by itself opens a door to a whole world of layered complexity which you can't comprehend. And even if you could comprehend it all Java could add some feature to JNDI which introduces an issue which wasn't there when it was all tested.

Exactly, the JNDI feature has been on the docs for everyone to see for several years: https://logging.apache.org/log4j/2.x/manual/lookups.html

Anyone who knows anything about JNDI would've immediately recognized that this was an incredibly bad idea, as JNDI attacks are well known around black-hat circles (LDAP is just one of the things you can do once you have JNDI available).

Yet, here we are, several years later, acting surprised this thing existed and thinking that tests would've helped!? What kind of tests, exactly?!!? I think I am to blame myself, as many other Java developers who actually use log4j, has a good understanding of how it works, knows JNDI and LDAP, yet never connected the dots and noticed what this incredibly stupid feature was making possible.

There is even a JEP to remove the SecurityManager all together: https://openjdk.java.net/jeps/411

There is even a JEP to remove the SecurityManager!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact