The following is drawn from a speech I delivered today at Cooper Union’s Great Hall in New York City, where I joined Lieutenant Colonel Alexander Vindman to discuss the future of the American Dream:
What is the American Dream?
In 1931, at the height of the Great Depression, James Truslow Adams first defined the American Dream as
“[...] a land in which life should be better and richer and fuller for everyone, with opportunity for each according to ability or achievement. [...] not a dream of motor cars and high wages merely, but a dream of social order in which [everyone] shall be able to attain to the fullest stature of which they are innately capable, and be recognized by others for what they are, regardless of the fortuitous circumstances of birth or position”
I wanted to know what these words meant to us today. I needed to know what parts of the American Dream we all still had in common. I had to make some sense of what was happening to our country. I’ve been writing on my blog since 2004, and on November 7th, I started writing the most difficult piece I have ever written.
I asked so many Americans to tell me what the American Dream personally meant to them, and I wrote it all down.
Later in November, I attended a theater performance of The Outsiders at my son’s public high school – an adaptation of the 1967 novel by S.E. Hinton. All I really knew was the famous “stay gold” line from the 1983 movie. But as I sat there in the audience among my neighbors, watching the complete story acted out in front of me by these teenagers, I slowly realized what “stay gold” meant: sharing the American Dream.
We cannot merely attain the Dream. The dream is incomplete until we share it with our fellow Americans. That act of sharing is the final realization of everything the dream stands for.
Thanks to S.E. Hinton, I finally had a name for my essay, “Stay Gold, America.” I published it on January 7th, with a Pledge to Share the American Dream.
In the first part of the Pledge, the short term, our family made eight 1 million dollar donations to the following nonprofit groups: Team Rubicon, Children’s Hunger Fund, PEN America, The Trevor Project, NAACP Legal Defense and Educational Fund, First Generation Investors, Global Refuge, and Planned Parenthood.
Beyond that, we made many additional one million dollar donations to reinforce our technical infrastructure in America – Wikipedia, The Internet Archive, The Common Crawl Foundation, Let’s Encrypt, pioneering independent internet journalism, and several other crucial open source software infrastructure projects that power much of the world today.
I encourage every American to contribute soon, however you can, to organizations you feel are effectively helping those most currently in need.
But short term fixes are not enough.
The Pledge To Share The American Dream requires a much more ambitious second act – deeper, long term changes that will take decades. Over the next five years, my family pledges half our remaining wealth to plant a seed toward foundational long term efforts ensuring that all Americans continue to have the same fair access to the American Dream.
Let me tell you about my own path to the American Dream. It was rocky. My parents were born into deep poverty in Mercer County, West Virginia, and Beaufort County, North Carolina. Our family eventually clawed our way to the bottom of the middle class in Virginia.
I won’t dwell on it, but every family has their own problems. We did not remain middle class for long. But through all this, my parents got the most important thing right: they loved me openly and unconditionally. That is everything. It’s the only reason I am standing here in front of you today.
With my family’s support, I managed to achieve a solid public education in Chesterfield County, Virginia, and had the incredible privilege of an affordable state education at the University of Virginia. This is a college uniquely rooted in the beliefs of one of the most prominent Founding Fathers, Thomas Jefferson. He was a living paradox. A man of profound ideals and yet flawed – trapped in the values of his time and place.
Still, he wrote “Life, liberty, and the pursuit of happiness” at the top of the Declaration of Independence. These words were, and still are, revolutionary. They define our fundamental shared American values, although we have not always lived up to them. The American Dream isn’t about us succeeding, alone, by ourselves, but about connecting with each other and succeeding together as Americans.
I’ve been concerned about wealth concentration in America ever since I watched a 2012 video by politizane illustrating just how extreme wealth concentration already was.
I had no idea how close we were to the American Gilded Age from the late 1800s. This period was given a name in the 1920s by historians referencing Mark Twain’s 1873 novel, The Gilded Age, A Tale of Today.
During this time, labor strikes often turned violent, with the Homestead Strike of 1892 resulting in deadly confrontations between workers and Pinkerton guards hired by factory owners. Rapid industrialization created hazardous working conditions in factories, mines, and railroads, where thousands died due to insufficient safety regulations and employers who prioritized profit over worker welfare.
In January 2025, while I was still writing “Stay Gold, America”, we entered the period of greatest wealth concentration in the entirety of American history. As of 2021, the top 1% of households controlled 32% of all wealth, while the bottom 50% only have 2.6%. It’s difficult to find more recent data, but wealth concentration has only intensified in the last four years.
We can no longer say “Gilded Age.”
We must now say “The First Gilded Age.”
Today, in our second Gilded Age, more and more people find their path to the American Dream blocked. When Americans face unaffordable education, lack of accessible healthcare, or lack affordable housing, they aren’t just disadvantaged – they’re trapped, often burdened by massive debt. They have no stable foundation to build their lives. They watch desperately, working as hard as they can, while life simply passes them by, without even the freedom to choose their own lives.
They don’t have time to build a career. They don’t have time to learn, to improve. They don’t get to start a business. They can’t choose where their kids will grow up, or whether to have children at all, because they can’t afford to. Here in the land of opportunity, the pursuit of happiness has become an endless task for too many.
We are denying people any real chance of achieving the dream that we promised them – that we promised the entire world – when we founded this nation. It is such a profound betrayal of everything we ever dreamed about. Without a stable foundation to build a life on, our fellow Americans cannot even pursue the American Dream, much less achieve it.
I ask you this: as an American, what is the purpose of a dream left unshared with so many for so long? What’s happening to our dream? Are we really willing to let go of our values so easily? We’re Americans. We fight for our values, the values embodied in our dream, the ones we founded this country on.
Why aren’t we sharing the American Dream?
Why aren’t we giving everyone a fair chance at Life, Liberty, and the Pursuit of Happiness by providing them the fundamentals they need to get there?
The Dream worked for me, decades ago, and I deeply believe that the American Dream can still work for everyone – if we ensure every American has the same fair chance we did. The American Dream was never about a few people being extraordinarily wealthy. It’s about everyone having an equal chance to succeed and pursue their dreams – their own happiness. It belongs to them. I think we owe them at least that. I think we owe ourselves at least that.
What can we do about this? There are no easy answers. I can’t even pretend to have the answer, because there isn’t any one answer to give. Nothing worth doing is ever that simple. But I can tell you this: all the studies and all the data I’ve looked at have strongly pointed to one foundational thing we can do here in America over the next five years.
Natalie Foster, co-founder of the Economic Security Project, makes a powerful case for the idea that, with all this concentrated wealth, we can offer a Guaranteed Minimum Income in the poorest areas of this country – the areas of most need, where money goes the farthest – to unlock vast amounts of untapped American potential.
This isn’t a new idea. We’ve been doing this a while now in different forms, but we never called it Guaranteed Minimum Income.
In 1797, Thomas Paine proposed a retirement pension funded by estate taxes. It didn’t go anywhere, but it planted a seed. Much later we implemented the Social Security Act in 1935 . The economic chaos of the Great Depression coupled with the inability of private philanthropy to provide economic security inspired Franklin Roosevelt’s New Deal government programs. The most popular and effective program to emerge from this era was Social Security, providing a guaranteed income for retirees. Before Social Security, half of seniors lived in poverty. Today only 10% of seniors live in poverty.
In his 1967 book Where Do We Go From Here: Chaos or Community, Martin Luther King Jr made the moral case for a form of UBI, Universal Basic Income. King believed that economic insecurity was at the root of all inequality. He stated that a guaranteed income — direct cash disbursements — was the simplest and best way to fight poverty.
In 1972, Congress established the Supplemental Security Income (SSI) program, providing direct cash assistance to low-income elderly, blind, and disabled individuals with little or no income. This cash can be used for food, housing, and medical expenses, the essentials for financial stability. As of January, 2025, over 7.3 million people receive SSI benefits.
In 1975, Congress passed the Tax Reduction Act, establishing the Earned Income Tax Credit. This tax credit benefits working-class parents with children, encouraging work by increasing the income of low-income workers. In 2023, it lifted about 6.4 million people out of poverty, including 3.4 million children. According to the Census Bureau, it is the second most effective anti-poverty tool after Social Security.
In 2019, directly inspired by King, mayor Michael Tubbs – at age 26, one of the youngest mayors in American history – launched the $3 million Stockton Economic Empowerment Demonstration. It provided 125 residents with $500 per month in unconditional cash payments for two years. The program found that recipients experienced improved financial stability, increased full-time employment, and enhanced well-being.
In my “Stay Gold, America” blog post, I referenced the Robert Frost “Stay Gold” poem and S.E. Hinton’s famous famous novel The Outsiders, urging us to retain our youthful ideals as we grow older. Ideals embodied in the American Dream.
Which brings us to another Robert Frost poem, The Road Not Taken. Our proposal to ensure access to the American Dream is to follow the path less travelled by: Guaranteed Minimum Income. GMI is a simpler, more practical, more scalable plan to directly address the root of economic insecurity with minimum bureaucracy.
We are partnering with GiveDirectly, who oversaw the most GMI studies in the United States, and OpenResearch, who just completed the largest, most detailed GMI study ever conducted in this country in 2023. We are working together to launch a new Guaranteed Minimum Income initiative in rural American communities.
Network effects within communities explain why equality of opportunity is so effective, and why a shared American Dream is the most powerful dream of all. The potential of the American Dream becomes vastly greater as more people have access to it, because they share it.
They share it with their families, their friends, and their neighbors. The groundbreaking, massive 2023 OpenResearch UBI study data showed that when you give money to the poorest among us, they consistently go out of their way to share that money with others in desperate need.
The power of opportunity is not in what it can do for one person, but how it connects and strengthens bonds between people. When you empower a couple, you allow them to build a family. When you empower families, you allow them to build a community. When you guarantee fundamentals, you’re providing a foundation for those connections to grow and thrive. This is the incredible power and value of community. That is what we are investing in – each other.
A system where there are no guarantees creates conflict. It creates inequality. A massive concentration of wealth in so few hands weakens connections between us and prevents new ones. America began as a place of connection. Millions of us came together to build this nation, not individually, but together. Equality is connection, and connection is more valuable than any product any company will ever sell you.
Why focus on rural communities? There are consistently higher poverty rates in rural counties, with fewer job opportunities, lower wages, and worse access to healthcare and education. It’s not a new problem, either — places like Appalachia, the Mississippi Delta, and American Indian reservations have been stuck in poverty for decades, with some counties like Oglala Lakota, SD (55.8%) and McDowell, WV (37.6%) hitting extreme levels. Meanwhile, urban counties rarely see numbers that high. The data from the US Census and USDA Economic Research Service make it clear: if you’re poor in America, being rural makes it even harder to escape.
Rural areas also offer smaller populations, which is helpful because we need to start small with lots of tightly controlled studies that we can carefully scale and improve on for larger areas. We hope to build a large body of scientific data showing that GMI really does improve the lives, and the communities, of our fellow Americans.
We will work with existing local groups to coordinate GMI studies where community members choose to enroll. We will conduct outreach and and provide mentorship to these opt-in study participants. It will be teamwork between Americans.
We hope Veterans will play a crucial role in our effort. We plan to work with local communities and veteran-serving organizations to engage veterans to support and execute our GMI programs – the same veterans who served our country with distinction, returning home with exceptional leadership skills and a deep commitment to their communities. Their involvement ensures these programs reflect core American values of self-reliance and community service to fellow Americans.
We’ll also partner with established community organizations — churches, civic groups, community colleges, local businesses. These partnerships help integrate our GMI studies with existing support systems, rather than creating new ones.
GiveDirectly and OpenResearch will build on their existing body of work, gathering extensive data from these refined studies. We’ll measure employment, entrepreneurship, education, health, and community engagement. We’ll conduct regular interviews with participants to understand their experience. How is this working for you? How can we make it better? You tell us. How can we make it better together?
Economic security isn’t only about individual well-being – it’s the bedrock of democracy. When people aren’t constantly worried about feeding themselves, feeding their family, having decent healthcare, having a place to live… we have given them room to breathe. We have given them freedom. The freedom to raise their children, the freedom to start businesses, the freedom to choose where they work, the freedom to volunteer... the freedom to vote.
This isn’t about ideology or government. It’s about us, as Americans, working together to invest in our future – possibly the greatest unlocking of human potential in our entire history. I do not say these things lightly. I’ve seen it work. I’ve looked at all the existing study data. A little bit of money is incredibly transformational for people in poverty – the people who need it the most – the people who cannot live up to their potential because they’re so busy simply trying to survive. Imagine what they could do if we gave them just a little breathing room.
GMI is a long term investment in the future of what America should be, the way we wrote it down in the Declaration of Independence, perhaps incompletely – but our democracy was always meant to be malleable, to change, to adapt, and improve.
I’d like to conclude by mentioning Aaron Swartz. He was a precocious teenage programmer much like myself. Aaron helped develop RSS web feeds, co-founded Reddit, and worked with Creative Commons to create flexible copyright licenses for the common good. He used technology to make information universally accessible to everyone.
Aaron created a system to download public domain court documents from PACER, a government database that charged fees for accessing what he believed should be freely available public information. A few years later, while visiting MIT under their open campus policy and as a research fellow at Harvard, he used MIT’s network to download millions of academic articles from JSTOR, another fee-charging online academic journal repository, intending to make this knowledge freely accessible. Since taxpayers had funded much of this research, why shouldn’t that knowledge be freely available to everyone?
What Aaron saw as an act of academic freedom and information equality, authorities viewed as a crime—he was arrested in January 2011 and charged with multiple felonies for what many considered to be nothing more than accessing knowledge that should have been freely available to the public in the first place.
Despite JSTOR declining to pursue charges and MIT eventually calling for leniency, federal prosecutors aggressively pursued felony charges against Aaron with up to 35 years in prison. Facing overwhelming legal pressure and the prospect of being labeled a felon, Aaron took his own life at 26. This sparked widespread criticism of prosecutorial overreach and prompted discussions about open access to information. Deservedly so. Eight days later, in this very hall, there was a standing room only memorial service praising Aaron for his commitment to the public good.
Aaron pursued what was right for we, the people. He chose to build the public good despite knowing there would be risks. He chose to be an activist. I think we should all choose to be activists, to be brave, to stand up for our defining American principles.
My family is committing 50 million dollars to this endeavor, but imagine if we had even more to share. Imagine how much more we could do, if we build this together, starting today. Decades from now, people will look back and wonder why it took us so long to share our dream of a better, richer, and fuller life with our fellow Americans.
I hope you join us on this grand experiment to share our American Dream. I believe everyone deserves a fair chance at what was promised when we founded this nation: Life, Liberty, and the pursuit of The American Dream.
]]>A few months ago I wrote about what it means to stay gold — to hold on to the best parts of ourselves, our communities, and the American Dream itself. But staying gold isn’t passive. It takes work. It takes action. It takes hard conversations that ask us to confront where we’ve been, where we are, and who we want to be.
That’s why I’m incredibly honored to be joining Alexander Vindman in giving a talk at the historic Cooper Union Great Hall 14 days from now. I greatly admire the way Colonel Vindman was willing to put everything on the line to defend the ideals of democracy and the American Dream.
The American Dream is, at its core, the promise that hard work, fairness, and opportunity can lead to a better future. But in 2025, that promise feels like a question: How can we build on our dream so that it works for everyone?
Alexander and I will explore this in our joint talk through the lens of democracy, community, and economic mobility. We come from very different backgrounds, but we strongly share the belief that everyone's American Dream is worth fighting for.
Alexander Vindman has lived many lifetimes of standing up for what's right. He was born in the Soviet Union and immigrated to the U.S. as a child, growing up in Brooklyn before enlisting in the U.S. Army. Over the next 21 years, he served with distinction, earning a Purple Heart for injuries sustained in Iraq and eventually rising to Director of European Affairs for the National Security Council. When asked to choose between looking the other way or upholding the values he swore to protect, he chose correctly. That decision cost him his career but never his integrity. I have a lot to learn about what civic duty truly means from Alex.
I build things on the Internet, like Stack Overflow and Discourse. I write on the internet, on this blog. I've spent years thinking about how people interact online, how communities work (or don't), and how we create digital spaces that encourage fairness, participation, and constructive discourse. Spaces that result in artifacts for the common good, like local parks, where everyone can enjoy them together. Whether you're running a country or running a forum, the same rules seem to apply: people need clear expectations, fair systems, strong boundaries, and a shared sense of purpose.
This is the part of Stay Gold I couldn't tell you about, not yet, because I was working so hard to figure it out. How do you make long-term structural change that creates opportunity for everyone? It is an incredibly complex problem. But if we focus our efforts in a particular area, I believe we can change a lot of things in this country. Maybe not everything, but something foundational to the next part of our history as a country: how to move beyond individual generosity and toward systems that create security, dignity, and possibility for all.
I can't promise easy answers, but what I can promise is an honest, unfiltered conversation about how we move forward, with specifics. Colonel Vindman brings the perspective of someone who embodied American ideals, and I bring the experience of building self-governing digital communities that scale, which turned out to be far more relevant to the future of democracy than I ever would have dreamed possible.
Imagine what we can do if Alex and I work together. Imagine what we could do if we all worked together.
This event was streamed in real time via the Cooper Union Great Hall YouTube channel:
We are at an unprecedented point in American history, and I’m concerned we may lose sight of the American Dream:
We must act now to keep the dream alive. Our family made eight $1 million donations to nonprofit groups working to support those most currently in need:
I encourage every American to contribute soon, however you can, to organizations you feel are effectively helping those most currently in need here in America.
We must also work toward deeper changes that will take decades to achieve. Over the next five years, my family pledges half our remaining wealth towards long term efforts ensuring that all Americans continue to have access to the American Dream.
I never thought my family would be able to do this. My parents are of hardscrabble rural West Virginia and rural North Carolina origins. They barely managed to claw their way to the bottom of the middle class by the time they ended up in Virginia. Unfortunately, due to the demons passed on to them by their parents, my father was an alcoholic and my mother participated in the drinking. She ended up divorcing my father when I was 16 years old. It was only after the divorce that my parents were able to heal themselves, heal their only child, and stop the drinking, which was so destructive to our family. If the divorce hadn’t forced the issue, alcohol would have inevitably destroyed us all.
My parents may not have done everything right, but they both unconditionally loved me. They taught me how to fully, deeply receive love, and the profound joy of reflecting that love upon everyone around you.
I went on to attend public school in Chesterfield County, Virginia. In 1992 I graduated from the University of Virginia, founded by Thomas Jefferson.
During college, I worked at Safeway as a part-time cashier, earning the federal minimum wage, scraping together whatever money I could through government Pell grants, scholarships, and other part-time work to pay my college tuition. Even with lower in-state tuition, it was rocky. Sometimes I could barely manage tuition payments. And that was in 1992, when tuition was only $3,000 per year. It is now $23,000 per year. College tuition at a state school increased by 8 times over the last 30 years. These huge cost increases for healthcare, education, and housing are not compatible with the American Dream.
Programmers all over the world helped make an American Dream happen in 2008 when we built Stack Overflow, a Q&A website for programmers creating a shared Creative Commons knowledge base for the world. We did it democratically, because that’s the American way. We voted to rank questions and answers, and held elections for community moderators using ranked choice voting. We built a digital democracy – of the programmers, by the programmers, for the programmers. It worked.
With the guidance of my co-founder Joel Spolsky, I came to understand that the digital democracy of Stack Overflow was not enough. We must be brave enough to actively, openly share love with each other. That became the foundation for Discourse, a free, open source tool for constructive, empathetic community discussions that are also Creative Commons. We can disagree in those discussions because Discourse empowers communities to set boundaries the community agrees on, providing tools to democratically govern and strongly moderate by enforcing these boundaries. Digital democracy and empathy, for everyone.
In order for digital democracy to work, we need to see each other through our screens.
We often behave online in ways we never would in the real world because we cannot see the person on the other side of the screen. But as our world becomes more digital, we must extend our kindness through that screen.
I’ve always felt Stack Overflow and Discourse are projects for the public good that happen to be corporations. I probably couldn’t have accomplished this in any other country, and I was rewarded handsomely for a combination of hard work and good luck. That’s what the American Dream promises us.
We built it, and people came. I earned millions of dollars. I thought that was the final part of the American Dream. But it wasn’t.
I recently attended a theater performance of The Outsiders at my son’s public high school. All I really knew was the famous “stay gold” line from the 1983 movie adaptation. But as I sat there in the audience among my neighbors, watching the complete story acted out in front of me by these teenagers, I slowly realized what staying gold actually meant: sharing the American Dream.
In the printed program, the director wrote:
This play is a reminder that strength lies not just in overcoming hardships but in staying true to ourselves and lifting up those around us.
We hope you feel the raw emotions, sense the camaraderie, and connect with the enduring themes of resilience, empathy, and unity. Whether you’ve read this story recently, long ago, or not at all, I hope you are able to find inspiration in the strength and passion of youth. Thank you for being part of this journey with us.
Stay gold.
I believe deeply in sharing The American Dream. It is the foundation of our country, the second paragraph in our Declaration of Independence, written by the founder of the public university I attended:
We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the pursuit of Happiness.
But the American Dream is not always available to every American. Its meaning can be distorted. Jimi Hendrix captured this distortion so eloquently in his rendition of our national anthem.
We are still trying to live up to those ideals today. In November 2024, enough of us voted for people who interpret the dream in a way that I don’t understand.
34% of adults in America did not exercise their right to vote. Why? Is it voter suppression, gerrymandering causing indifference, or people who felt their vote didn’t matter? The 7.6% that are ineligible to vote are mostly adults living in America who have not managed to attain citizenship, or people convicted of a felony. Whatever the reasons, 42% of adults living in America had no say in the 2024 election. The vote failed to represent everyone.
I think many of the Americans who did vote are telling us they no longer believe our government is effectively keeping America fair for everyone. Our status as the world’s leading democracy is in question. We should make it easier for more eligible Americans to vote, such as making election day a national holiday, universal mail in voting, and adopting ranked choice voting so all votes carry more weight. We should also strengthen institutions keeping democracy fair for everyone, such as state and local election boards, as well as the Federal Election Commission.
It was only after I attained the dream that I was able to fully see how many Americans have so very little. This much wealth starts to unintentionally distance my family from other Americans. I no longer bother to look at how much items cost, because I don’t have to. We don’t have to think about all these things that are challenging or unreachable for so many others. The more wealth you attain, the more unmistakably clear it becomes how unequal life is for so many of us.
Even with the wealth I have, I can’t imagine what it would feel like to be a billionaire. It is, for lack of a better word, unamerican.
In 2012, the top 1% of Americans held 24% of our country’s wealth. By 2021, the top 1% of Americans held 30%. So many have so little, while a tiny few have massive, wildly disproportionate wealth, which keeps growing. Now the global top 1% hold nearly twice as much wealth as the rest of the world combined.
I grew up poor in America, inspired by the promise of the American Dream that I could better myself and my family by building things that mattered:
Work is service, not gain. The object of work is life, not income. The reward of production is plenty, not private fortune. We should measure the prosperity of a nation not by the number of millionaires, but by the absence of poverty, the prevalence of health, the efficiency of the public schools, and the number of people who can and do read worthwhile books. – Du Bois
Our version of capitalism delivered so much wealth to my family for my hard work in co-founding two successful companies. My partner and I gladly paid our full taxes, and we always planned to give most of our remaining wealth to charities when we pass, following the Warren Buffett Philanthropic Pledge:
More than 99% of my wealth will go to philanthropy during my lifetime or at death.
I admire Buffett, but even having only a tiny fraction of his $325 billion fortune, to me this pledge was incomplete. When would this wealth be transferred?
Last year he amended the pledge, giving all his wealth at death to a charitable trust run by his children, aged 71, 69, and 66, who do not make for natural charitable bedfellows. I am only holding back enough wealth for my children so they can afford college educations and buy a home. I am compelled to, because being a parent is the toughest job I’ve ever had, and I am concerned about their future.
November 5th raised the stakes. It is now time to allocate half the wealth I was so fortunate to be dealt within the next five years, not just for my own family, but for all my fellow Americans.
Our government seems to be slower and slower at delivering change due to the increased polarization of our two party system. The last meaningful constitutional amendment we’ve managed to pass in the last 60 years was the 26th amendment in 1971, lowering the voting age to 18 and giving more people a voice in our democracy.
Political polarization is at historically high levels and rising. In a two party system, this level of polarization is counterproductive and even dangerous. Do we all still believe in the same American Dream?
I’ve always loved the ideals behind the American Dream, though we continually struggle to live up to them. They are worth fighting for, even if it means making “good trouble”. We must come together and believe in our shared American Dream so deeply that we can improve our democracy... but which dream?
The American Dream contains the path of hate, and the path of love. Throughout our history, one hand is always fighting the other. Which path are we choosing?
Our family pledges half our remaining wealth toward an American Dream founded on love.
Here are some starting points for longer term efforts:
We’ve already completed the eight $1 million donations listed above to help those most immediately in need. Within the next five years, half of our family wealth will support longer term efforts. There is no single solution, so let’s work together. I will gladly advise and empower others working towards the same goal.
Please join us in Sharing the American Dream:
Stay gold, America. 💛
(Edit: 3/9/25 – if you are curious what long term efforts we have chosen to support, please see my followup blog post Let's Talk About The American Dream, and stay tuned for our Cooper Union talk co-presented with Alexander Vindman on Thursday, March 20th at 7pm eastern time.)
(I could not have done this without the support of my partner Betsy Burton and the rest of my family. I'd also like to thank Steve McConnell, whose writing inspired me to start this blog in 2004. So many people from all walks of life generously shared their feedback to improve this post. We wrote it together. Thank you all.) ]]>(Arrival is a fantastic movie. Watch it, but don’t stop there – read the Story of Your Life novella it was based on
]]>With a 13 billion year head start on evolution, why haven’t any other forms of life in the universe contacted us by now?
(Arrival is a fantastic movie. Watch it, but don’t stop there – read the Story of Your Life novella it was based on for so much additional nuance.)
This is called the Fermi paradox:
The Fermi Paradox is a contradiction between high estimates of the probability of the existence of extraterrestrial civilizations, such as in the Drake equation, and lack of any evidence for such civilizations.
- There are billions of stars in the galaxy that are similar to the Sun, including many billions of years older than Earth.
- With high probability, some of these stars will have Earth-like planets, and if the Earth is typical, some might develop intelligent life.
- Some of these civilizations might develop interstellar travel, a step the Earth is investigating now.
- Even at the slow pace of currently envisioned interstellar travel, the Milky Way galaxy could be completely traversed in about a million years.
According to this line of thinking, the Earth should have already been visited by extraterrestrial aliens. In an informal conversation, Fermi noted no convincing evidence of this, nor any signs of alien intelligence anywhere in the observable universe, leading him to ask, “Where is everybody?”
To me, this is a compelling argument, in the same way that the lack of evidence of any time travellers is:
Many have argued that the absence of time travelers from the future demonstrates that such technology will never be developed, suggesting that it is impossible. This is analogous to the Fermi paradox related to the absence of evidence of extraterrestrial life. As the absence of extraterrestrial visitors does not categorically prove they do not exist, so the absence of time travelers fails to prove time travel is physically impossible; it might be that time travel is physically possible but is never developed or is cautiously used. Carl Sagan once suggested the possibility that time travelers could be here but are disguising their existence or are not recognized as time travelers.
It seems, to me at least, clear evidence that time travel is not possible, given the enormous amount of time behind us. Something, somewhere, would certainly have invented it by now... right?
So if not, what happened? The Great Filter maybe?
The Great Filter theory says that at some point from pre-life to Type III intelligence, there’s a wall that all or nearly all attempts at life hit. There’s some stage in that long evolutionary process that is extremely unlikely or impossible for life to get beyond. That stage is The Great Filter.
I liked Wait But Why’s take on this a lot, which covers three main filter possibilities:
Those are three Great Filter possibilities, but the question remains: why are we so alone in the observable universe? I grant you that what we can observe is appallingly tiny given the unimaginable scale of the universe, so “what we can observe” may not be enough by many orders of magnitude.
I encourage you to read the entire article, it’s full of great ideas explained well, including many other Great Filter possibilities. Mostly I wanted to share my personal theory of why we haven’t encountered alien life by now. Like computers themselves, things don’t get larger. They get smaller. And faster. And so does intelligent life.
Why build planet-size anything when the real action is in the small things? Small spaces, small units of time, everything gets smaller.
Large is inefficient and unnecessary. Look at the history of computers: from giant to tiny and tinier. From slow to fast and faster. Personally, I have a feeling really advanced life eventually does away with all physical stuff that slows you down as soon as they can, and enters the infinite spaces between:
This is, of course, a variant on the Fermi paradox: We don’t see clues to widespread, large-scale engineering, and consequently we must conclude that we’re alone. But the possibly flawed assumption here is when we say that highly visible construction projects are an inevitable outcome of intelligence. It could be that it’s the engineering of the small, rather than the large, that is inevitable. This follows from the laws of inertia (smaller machines are faster, and require less energy to function) as well as the speed of light (small computers have faster internal communication). It may be – and this is, of course, speculation – that advanced societies are building small technology and have little incentive or need to rearrange the stars in their neighborhoods, for instance. They may prefer to build nanobots instead.
– Seth Shostak
Seth delivers an excellent TED talk on this topic as well:
If we can barely see far in the universe as is, there’s no way we could possibly see into the infinite space and time between.
That is of course just my opinion, but we’ll see... eventually.
]]>If you haven’t been able to keep up with my blistering pace of one blog post per year, I don’t blame you. There’s a lot going on right now. It’s a busy time. But let’s pause and take a moment to celebrate that Elon Musk destroyed Twitter. I can’t possibly say it better than Paul Ford, so I’ll just refer you there:
Every five or six minutes, someone in the social sciences publishes a PDF with a title like “Humans 95 Percent Happier in Small Towns, Waving at Neighbors and Eating Sandwiches.” When we gather in groups of more than, say, eight, it’s a disaster. Yet there is something fundamental in our nature that desperately wants to get everyone together in one big room, to “solve it.” Our smarter, richer betters (in Babel times, the king’s name was Nimrod) often preach the idea of a town square, a marketplace of ideas, a centralized hub of discourse and entertainment – and we listen. But when I go back and read Genesis, I hear God saying: “My children, I designed your brains to scale to 150 stable relationships. Anything beyond that is overclocking. You should all try Mastodon.”
It’s been clear for quite some time that the early social media strategery of “jam a million people in a colosseum and let them fight it out with free speech” isn’t panning out, but never has it been more clear than now, under the Elon Musk regime, that being beholden to the whims of a billionaire going through a midlife crisis isn’t exactly healthy for society. Or you. Or me. Or anyone, really.
I tried to be fair; I gave the post-Elon Twitter era a week, thinking “how bad could it possibly be?” and good lord, it was so much worse than I could have possibly ever imagined. It’s like Elon read the Dilbert pointy-haired-manager book on management and bonked his head on every rung of the ladder going down, generating an ever-growing laundry list of terrible things no manager should ever do. And he kept going!
It’s undeniably sad. I really liked Twitter, warts and all, from 2007 onward. In fact, it was the only “social network” I liked at all. Even when it became clear in the Trump era that Twitter was unhealthy for human minds, I soldiered on, gleaning what I could. I’m not alone in that; Clay Shirky’s moribund signoff at the end of 2022 reflected how I felt:
Indeed, Twitter was murdered at the whims of a billionaire high on Ketamine while it was (mostly) healthy, because of the “trans woke virus”.
I urge you, all of you, to disavow Twitter and never look at it again. No one who cares about their mental health should be on Twitter at this point, or linking to Twitter and feeding it the attention it thrives on. We should entomb Twitter deep in concrete with this public warning on its capstone:
In the end, I begrudgingly realized, as did Paul Ford, that Elon unwittingly did us a favor by killing Twitter. He demonstrated the very real dangers of any platform run by a king, a dictator, a tyrant, a despot, an autocrat. You can have all your content rug-pulled out from under you at any time, or watch in horror as your favorite bar... slowly transforms into a Nazi bar.
I’ve been saying for a long time that decentralization is the way to go. We can and should have sane centralized services, of course, but it’s imperative that we also build decentralized services which empower users and give them control, rather than treating them like digital sharecroppers. That’s what our Discourse project is all about. I propose collective ownership of the content and the communities we build online. Yeah, it’s more work, it’s not “free” (sorry not sorry), but I have some uncomfortable news for you: those so-called “free” services aren’t really free.
Which, again, is not to say that “free” services don’t have a place in the world, they do, but please don’t harbor any illusions about what you are sacrificing in the name of “free.” Grow up.
I take a rather Tron-like view of the world when it comes to this stuff; in the software industry, our goal should be to empower users (with strong moderation tools), not exploit them.
So I encourage you to explore alternatives to Twitter, ideally open source, federated alternatives. Is it messy? Hell yes it’s messy. But so is democracy; it’s worth the work, because it’s the only survivable long term path forward. Anything worth doing is never easy.
I’m currently on Mastodon, an open source, federated Twitter alternative at https://infosec.exchange/@codinghorror – I urge you to join me on the Mastodon server of your choice, or quite literally any other platform besides Twitter. Really, whatever works for you. Pick what you like. Help make it better for everyone.
To inspire that leap of faith, I am currently auctioning off, with all funds to benefit The Trevor Project which offers assistance to LGBTQ youth, these 10 museum quality brass plaques of what I consider to be the best tweet of all time, hands down:
(Blissfully, @horse_ebooks is also on Mastodon. As they should be. As should you. Because everything happens so much.)
If you’d like to bid on the 10 brass plaques, follow these links to eBay, and please remember, it’s for a great cause, and will piss Elon off, which makes it even sweeter:
(Apologies, I had to cancel the old auctions because I forgot to allow international shipping – I’ve also made shipping free, worldwide.)
I will sign the back of every plaque, because each one comes with my personal guarantee that it will easily outlive what’s left of Twitter.
]]>By January 1st, 2030, completely autonomous self-driving cars meeting SAE J3016 level 5 will be commercially available for]]>
It’s my honor to announce that John Carmack and I have initiated a friendly bet of $10,000* to the 501(c)(3) charity of the winner’s choice:
By January 1st, 2030, completely autonomous self-driving cars meeting SAE J3016 level 5 will be commercially available for passenger use in major cities.
I am betting against, and John is betting for.
By “completely autonomous”, per the SAE level 5 definition, we mean the vehicle performs all driving tasks under all conditions – except in the case of natural disasters or emergencies. A human passenger enters the vehicle and selects a destination. Zero human attention or interaction is required during the journey.
By “major cities” we mean any of the top 10 most populous cities in the United States of America.
To be clear, I am betting against because I think everyone is underestimating how difficult fully autonomous driving really is. I am by no means against self driving vehicles in any way! I’d much rather spend my time in a vehicle reading, watching videos, or talking to my family and friends… anything, really, instead of driving. I also think fully autonomous vehicles are a fascinating, incredibly challenging computer science problem, and I want everyone reading this to take it as just that, a challenge. Prove me wrong! Make it happen by 2030, and I’ll be popping champagne along with you and everyone else!
(My take on VR is far more pessimistic. VR just… isn’t going to happen, in any “changing the world” form, in our lifetimes. This is a subject for a different blog post, but I think AR and projection will do much more for us, far sooner.)
I’d like to thank John for suggesting this friendly wager as a fun way to generate STEM publicity. He is, and always will be, one of my biggest heroes. Go read Masters of Doom if you haven’t, already!
And while I have you, we’re still looking for code contributions in our project to update the most famous programming book of the BASIC era. Proceeds from that project will also go to charity. 😎
*We may adjust the amount up or down to adjust for inflation as mutually agreed upon in 2030, so the money has the desired impact.
* We may adjust the amount up or down to adjust for inflation as mutually agreed upon in 2030, so the money has the desired impact. ]]>With early computers, you didn’t boot up to a fancy schmancy desktop, or a screen full of apps you could easily poke and prod with your finger. No, those computers booted up to the command
]]>In a way, these two books are responsible for my entire professional career.
With early computers, you didn’t boot up to a fancy schmancy desktop, or a screen full of apps you could easily poke and prod with your finger. No, those computers booted up to the command line.
From here, if you were lucky, you might have a cassette tape drive. If you knew the right commands, you could type them in to load programs from cassette tape. But that was an expensive add-on option with early personal computers. For many of us, if we wanted the computer to do anything, we had to type in entire programs from books like 101 Basic Computer Games, by hand... like so.
Yep, believe it or not, circa 1983, this was our idea of a good time. No, we didn't get out much. The book itself was a sort of greatest hits compilation of games collected from Ahl’s seminal Creative Computing Magazine in the 1970s:
As soon as Ahl made up his mind to leave DEC, he started laying the groundwork for Creative Computing. He announced intentions to publish the magazine at NCC in June 1974 and over the next few months contacted prospective authors, got mailing lists, arranged for typesetting and printing, and started organizing hundreds of other details.
In addition, he also moved his family to Morristown, NJ, and settled into his new job at AT&T. He had little spare capital, so he substituted for it with “sweat equity.” He edited submitted articles and wrote others. He specified type, took photos, got books of “clip art,” drew illustrations, and laid out boards. He wrote and laid out circulation flyers, pasted on labels, sorted and bundled mailings.
By October 1974, when it was time to specify the first print run, he had just 600 subscribers. But Ahl had no intention of running off just 600 issues. He took all the money he had received, divided it in half, and printed 8000 copies with it. These rolled off the presses October 31, 1974. Ahl recounts the feeling of euphoria on the drive to the printer replaced by dismay when he saw two skids of magazines and wondered how he would ever get them off the premises. Three trips later, his basement and garage were filled with 320 bundles of 25 magazines each. He delivered the 600 subscriber copies to the post office the next day, but it took nearly three weeks to paste labels by hand onto the other 7400 copies and send them, unsolicited, to libraries and school systems throughout the country.
I also loved Creative Computing, but it was a little before my time:
As you can see, there’s no way average people in 1973-1976 were doing a whole lot with BASIC programs, as they had no microcomputers capable of running BASIC to buy! It took a while for inexpensive personal computers to trickle down to the mainstream, which brings us to roughly 1984 when the sequels started appearing.
There was a half-hearted attempt to modernize these early BASIC programs in 2010 with SmallBasic, but I didn’t feel these ports did much to bring the code up to date, and overall had little relevance to modern code practices. You can compare the original 1973 BASIC Civil War with the 2010 SmallBasic port to see what I mean:
Certainly we can do a bit better than merely removing the line numbers? What about our old buddy the subroutine, merely the greatest invention in computer science? It’s nowhere to be seen. 🤔
So it was with considerable enthusiasm that I contacted David H. Ahl, the author, and asked for permission to create a website that attempted to truly update all these ancient BASIC programs.
Thankfully, permission was granted. It’s hard to understate how important this book was to an entire generation of programmers. At one point, there were more copies of this book in print than there were personal computers, period!
... in 1973, DEC published an anthology, 101 BASIC Computer Games. The book quickly went into a second printing, for a total of 10,000 copies sold. “That was far more books than there were computers around, so people were buying three, four, five of them for each computer.”
It went on to be the first computer book to sell a million copies. Quite a legacy.
I think we owe it to the world to bring this book up to date using modern, memory safe languages that embody the original spirit of BASIC, and modern programming practices including subroutines.
So let’s do this. Please join us on GitHub, where we’re updating those original 101 BASIC games in 10 memory safe, general purpose scripting languages:
(Edit: as of March 2022, we’ve a) offered Kotlin as an alternative to Java, b) removed Pascal since we can’t guarantee memory safety there, and replaced it with Rust, which very much can, and c) added Lua which just cracked the top 20 in TIOBE and strongly meets the scripting and memory safe criteria.)
Now, bear in mind these are very primitive games from the 1970s. They aren’t going to win any awards for gameplay, or programming sophistication. But they are precious artifacts of early computing that deserve to be preserved for future generations, including the wonderful original art by George Beker.
We need your help to do this right, and collaboratively together, as with all modern programming projects. Imagine we’re all typing these programs in simultaneously together online, all over the world, instead of being isolated alone in our room in 1984, cursing at the inevitable typo we made somewhere when typing the code in by hand out of the book. 🤬
Thanks Mr. Ahl. And a big thanks to everyone who contributed to this project when it was in beta, announced only on Twitter:
To encourage new contributions, by the end of 2022, for every functioning program submitted in each of the 10 indicated languages, I’ll donate $5 to Girls Who Code. Before beginning, please read the guidelines in the readme, and if you have questions, scan through this discussion topic. And most of all, remember, this stuff is supposed to be fun.
(I don’t want to be “that one guy,” so I’m also looking for project co-owners who can help own and organize this effort. If this is a project that really appeals to you, show me what you can do and let’s work together as a team.)
Perhaps as your new year’s resolution you can see fit to carve off some time to take part in our project to update a classic programming book – one of the most influential books in computing history – for 2022 and beyond! 🎉
]]>Hard to believe that I’ve had the same PC case since 2011, and my last serious upgrade was in 2015. I guess that’s yet another sign that the PC is over, because PC upgrades have gotten really boring. It took 5 years for me to muster up the initiative to get my system fully upgraded! 🥱
I’ve been slogging away at this for quite some time now. My PC build blog entry series spans 13 glorious years:
The future of PCs may not necessarily be more speed (though there is some of that, if you read on), but in smaller builds. For this iteration, my go-to cases are the Dan A4 SFX...
And the Streacom DA2...
The attraction here is maximum power in minimum size. Note that each of these cases are just large enough to fit...
...though the DA2 offers substantially more room for cooling the CPU and adding fans.
I’m not sure you can physically build a smaller standard mini-ITX system than the DAN A4 SFX, at least not without custom parts!
DAN A4-SFX
200mm × 115mm × 317mm = 7.3 liters
Silverstone RVZ02 / ML08
380mm × 87mm × 370mm = 12.2 liters
nCase M1
240mm × 160mm × 328 mm = 12.6 liters
Streacom DA2
180mm × 286mm × 340mm = 17.5 liters
(For comparison with The Golden Age of x86 Gaming consoles, a PS4 Pro occupies 5.3 liters and an Xbox One S 4.3 liters. About 50% more volume for considerably more than 2× the power isn’t a bad deal!)
I chose the Streacom DA2 as my personal build, because after experimenting heavily with the DAN A4 SFX, I realized you need more room to deal with extremely powerful CPUs and GPUs in this form factor, and I wanted a truly powerful system:
Compared to my old 2015-2017 system, a slightly overclocked i7-7700k, that at least gives me 2× the cores (and faster cores, both in clock rate and IPC), 2× the memory, and 2× the M.2 slots (two versus one).
The DA2 is a clever case though less perfect than the A4-SFX. What’s neat about it is the hybrid open-air design (on the top and bottom) plus the versatile horizontal and vertical bracket system interior. Per the manual (PDF):
Check out all the bracket mounting options. Incredibly versatile, and easy to manipulate with the captured nut and bolt design:
Note that you can (and really should) pop out the top and bottom acrylic pieces with the mesh dust net.
I had dramatically better temperatures after I did this, and it also made the build easier since the case can fully “breathe” through the top and bottom. You’ll note that the front of the DA2 is totally solid, no air holes, so you do need that extra airflow.
I only have a few criticisms of this Streacom DA2 case:
Here’s the configuration I recommend, open on both the top and bottom for maximum airflow, with three fans total:
If you are a water cooling kind of person – I am definitely not, I experienced one too many traumatic cooling fluid leaks in the early 2000s – then you will use that 140mm space for the radiator.
I have definitely burn-in tested this machine, as I do all systems I build, and it passed with flying colors. But to be honest, if you expect to be under full CPU and GPU loads for extended periods of time you might need to switch to water cooling due to the space constraints. (Or pick slightly less powerful components.)
If you haven’t built a PC system recently, it’s easier than it has ever been. Heck by the time you install the M.2 drives, memory, CPU, and cooler on the motherboard you’re almost done, these days!
There are a lot of interesting compact mini-itx builds out there. Perhaps that’s the primary innovation in PC building for 2020 and beyond – packing all that power into less than 20 liters of space!
Read a Spanish translation of this article here.
]]>In an electric car, the (enormous) battery is a major part of the price. If electric car prices are decreasing, battery costs must be decreasing, because it’s not like the cost of fabricating rubber, aluminum, glass, and steel into car shapes can decline that much, right?
On an electric scooter, though, the effect of battery price has to be even more dramatic because scooters are such lightweight, compact, and simple machines. They aren’t much more than a battery and an electric motor to begin with. Remember the Zappy electric scooter from twenty years ago?
What killed the electric scooter back then is the same thing that killed the electric car of year 2000: terrible lead-acid battery technology. It’s too heavy, it lacks power, it doesn’t have enough range, it takes too long to charge. These are all different ways of saying the same thing: the battery sucks. It wasn’t until Lithium Ion batteries matured that both the electric car and the electric scooter – and pretty much electric everything, if you think about it – became viable.
Thus, one way to see if Lithium Ion battery prices are indeed generally dropping independent of all other manufacturing concerns is to examine the cost of electric scooters over the last few years. Let’s consider one of the most popular models, the Xiaomi Mi M365:
This graph only shows roughly two years, from January 2018 to now; it looks like the original price for the Xiaomi M365 when it hit the US market in early 2017 was around $800. So the price of a popular, common electric scooter has halved in three years. Very good news indeed for electric vehicles of all types!
This dramatic drop in electric scooter price from 2016 to 2019 may not be surprising versus the parallel rise of the quasi-legal electric scooter smartphone app rental industry over roughly the same time period, in the form of Bird, Lime, Skip, Spin, Scoot, etc.
Early versions of Bird scooters were actual Xiaomi M365s, slightly modified for rental. Only by late 2018 had they migrated to custom built, ruggedized scooters optimized for the rental market. The rental industries have their own challenges, and ironically have started to pivot to monthly rentals rather than the classic 15 cents per minute.
Bird has experimented with its business model in recent months. In early March, the company altered its repair program in Los Angeles, which had relied on gig workers to fix broken scooters. It moved repairs in-house (though scooters are still charged each night by an army of gig workers). Later that month, the company introduced scooters with locks in some markets, in a bid to prevent theft and vandalism.
In April, it announced the launch of a more traditional rental program in San Francisco and Barcelona, in which users could pay $25 per month to rent a Xiaomi m365 from the company rather than paying per ride.
But this isn’t meant to be a blog entry about the viability of scooter rental company business models.
I want to tackle a more fundamental question: are electric scooters the future of transportation?
Even Uber, as screwed up of a company as they still are, knows cars are overkill for a lot of basic transportation needs:
We have plenty of scooters here at my house, and the family and I enjoy them greatly, but I have never actually ridden or owned an electric scooter. So I bought one. It is of course the popular, inexpensive, and well reviewed Xiaomi Mi M365.
Here’s a picture of my electric scooter inside my electric car. (I apologize that I didn’t have an electric bicycle to park next to it for maximum smugness, but you can bet your sweet electrons I’ll work on that next!)
The short version of my review is this electric scooter is incredibly fun, works great, and if you can get it for a price around $300, practically a no-brainer. I love it, my kids love it, and as long as you’re conceptually OK with the look, unlike Elon Musk, 🛴💨 then you’ll probably love it too.
I found a neat video covering the “one year later” experience of owning the scooter, and what you might eventually run into or want to tweak.
(The main thing to take away from this video is that flats super suck on tires this small, so be warned. I put Slime in my Mi’s tires out of an abundance of caution, but you could also go with solid tubeless tires – at the cost of some ride comfort – if you’re really worried.)
That’s not to say that the electric scooter experience is perfect. There are some challenges with electric scooters, starting with the biggest one: your local government has no idea how to regulate the darn things.
The answers also vary wildly depending on where you live, and with no consistency or apparent logic. Here are the current electric scooter laws in California, for what it’s worth, which require the rider to have a valid driver’s license (unlike electric bicycles) and also disallow them from sidewalks, both of which I feel are onerous and unnecessary restrictions.
One aspect of those laws I definitely agree with, however, is the 15 mile per hour speed restriction. That’s a plenty brisk top speed for a standing adult with no special safety equipment. Anything faster starts to get decidedly… uncomfortable. Consider this monster of a 1165KWh electric scooter, with dual motors and dual suspension that goes up to forty freakin’ miles per hour.
That… is… terrifying. Even the reviewer, in full motorcycle safety gear, wasn’t willing to push it all the way to 40 MPH. And I don’t blame him! But now that I’ve shown you the undisputed Honda Civic everyman budget model of electric scooter in the M365, hopefully this gives you a taste of the wider emerging diversity in these kinds of minimalistic electric vehicles. If you want a luxury electric scooter, an ultralight electric scooter, a rugged offroad electric scooter… all things are possible, for a price.
Another reason the M365 is available for so cheap is that is successor, the Xiaomi M365 Pro, was recently released, although it is not quite possible to obtain in the US at the moment.
Having ridden my M365 a fair bit, I can confirm all the Pro improvements are welcome, if incremental: bigger battery and disc brake, more power, better display, improved latch mechanism, etc.
None of those Pro improvements, however, are worth a 2× increase in price so I’d recommend sticking with the M365 for now because its value proposition is off the charts. Did I mention there’s a Bluetooth connection, and an app, and it is possible to hack the M365 firmware? Pretty cool how electric vehicles are inherently digital, isn’t it?
Here are a few other observations after riding my M365 around a fair bit:
To be honest with you I’m still bitter about the whole Segway debacle. There was so much hype back in the day. That ridiculous thing was supposed to change the world. Instead, we got… Paul Blart Mall Cop.
A Segway was $5,000 at launch in 2001, which is a whopping $7,248 in inflation adjusted dollars. Here in 2019, cheap $200 to $300 electric scooters are basically the transformational technology the Segway was supposed to be, aren’t they? Are electric scooters the future of (most) transportation? I’m not sure, but I do like where we’re headed, even if it took us twenty years to get there.
]]>I’ve never thought of myself as a “car person.” The last new car I bought (and in fact, now that I think about it, the first new car I ever bought) was the quirky 1998 Ford Contour SVT. Since then, we bought a VW station wagon in 2011 and a Honda minivan in 2012 for family transportation duties. That’s it. Not exactly the stuff The Stig’s dreams are made of.
The station wagon made sense for a family of three, but became something of a disappointment because it was purchased before — surprise! — we had twins. As Mark Twain once said:
Sufficient unto the day is one baby. As long as you are in your right mind don’t you ever pray for twins. Twins amount to a permanent riot. And there ain’t any real difference between triplets and an insurrection.
I’m here to tell you that a station wagon doesn’t quite cut it as a permanent riot abatement tool. For that you need a full sized minivan.
I’m with Philip Greenspun. Like black socks and sandals, minivans are actually… kind of awesome? Don’t believe all the SUV propaganda. Minivans are flat out superior vehicle command centers. Swagger wagons, really.
The A-Team drove a van, not a freakin’ SUV. I rest my case.
After 7 years, the station wagon had to go. We initially looked at hybrids because, well, isn’t that required in California at this point? But if you know me at all, you know I’m a boil the sea kinda guy at heart. I figure if you’re going to flirt with partially electric cars, why not put aside these half measures and go all the way?
Do you remember that rapturous 2014 Oatmeal comic about the Tesla model S? Even for a person who has basically zero interest in automobiles, it did sound really cool.
It’s been 5 years, but from time to time I’d see some electric vehicle on the road and I’d think about that Intergalactic SpaceBoat of Light and Wonder. Maybe it’s time for our family to jump on the electric car trend, too, and just late enough that we can avoid the bleeding edge and end up merely on the… leading edge?
That’s why we’re now the proud owners of a fully electric 2019 Kia Niro.
I’ve somehow gone from being a person who basically doesn’t care about cars at all… to being one of those insufferable electric car people who won’t shut up about them. I apologize in advance. If you suddenly feel an overwhelming urge to close this browser tab, I don’t blame you.
I was expecting another car, like the three we bought before. What I got, instead, was a transformation:
This electric car is such a great experience. It’s so much better than our gas powered station wagon that I swear, if there was a fully electric minivan (there isn’t) I would literally sell our Honda minivan tomorrow and switch over. Without question. And believe me, I had no plans to sell that vehicle two months ago. The electric car is that much better.
I was expecting “yet another car,” but what I got instead was a new, radical worldview. Driving a car powered by barely controlled liquid fuel detonations used to be normal. But in an world of more and more viable electric vehicles this status quo increasingly starts to feel… deeply unnatural. Electric is so much better of an overall experience that you begin to wonder: why did we ever do it that way?
Gas cars seem, for lack of a better word, obsolete.
How did this transformation happen, from my perspective, so suddenly? When exactly did electric cars go from “expensive, experimental thing for crazy people” to “By God, I’ll never buy another old fashioned gasoline based car if I can help it”?
I was vaguely aware of the early electric cars. I even remember one coworker circa 2001 who owned a bright neon green Honda Insight. I ignored it all because, like I said, I’m not a car guy. I needed to do the research to understand the history, and I started with the often recommended documentary, Who Killed the Electric Car?
This is mostly about the original highly experimental General Motors EV1 from 1996 to 1999. It’s so early the first models had lead-acid batteries! 😱 There’s a number of conspiracy theories floated in the video, but I think the simple answer to the implied question in the title is straight up price. The battery tech was nowhere near ready, and per the Wikipedia article the estimated actual cost of the car was somewhere between $100,000 and $250,000 though I suspect it was much closer to the latter. It is interesting to note how much the owners (well, leasers) loved their EV1s. Having gone through that same conversion myself, I empathize!
I then watched the sequel, Revenge of the Electric Car. This one is essential, because it covers the dawn of the modern electric car we have today.
This chronicles the creation of three very influential early electric cars – the Nissan Leaf, the Chevy Volt, and of course the Tesla Roadster from 2005 - 2008. The precise moment that Lithium-Ion batteries were in play – that’s when electric cars started to become viable. Every one of these three electric cars was well conceived and made it to market in volume, though not without significant challenges, both internal and external. None of them were perfect electric vehicles by any means: the Roadster was $100k, the Leaf had limited range, and the Volt was still technically a hybrid, albeit only using the gasoline engine to charge the battery.
Ten years later, Tesla has the model 3 at $38,000 and we bought our Kia Niro for about the same price. After national and state tax incentives and rebates, that puts the price at around $30,000. It’s not as cheap as it needs to be… yet. But it’s getting there. And it’s already competitive with gasoline vehicles in 2019.
It’s still early, but the trend lines are clear. And I’m here to tell you that right now, today, I’d buy any modern electric car over a gasoline powered car.
If you too are intrigued by the idea of owning an electric car, you should be. It’s freaking awesome! Bring your skepticism, as always; I highly recommend the above Matt Ferrell explainer video on electric vehicle myths.
As for me, I have seen the future, and it is absolutely, inexorably, and unavoidably… electric.⚡
]]>Websites have gotten
]]>When I wrote about App-pocalypse Now in 2014, I implied the future still belonged to the web. And it does. But it’s also true that the web has changed a lot in the last 10 years, much less the last 20 or 30.
Websites have gotten a lot… fatter.
While I think it’s irrational to pine for the bad old days of HTML 1.0 websites, there are some legitimate concerns here. The best summary is Maciej Cegłowski’s, The Website Obesity Crisis:
To channel a famous motivational speaker, I could go out there tonight, with the materials you’ve got, and rewrite the sites I showed you at the start of this talk to make them load in under a second. In two hours.
Can you? Can you?
Of course you can! It’s not hard! We knew how to make small websites in 2002. It’s not like the secret has been lost to history, like Greek fire or Damascus steel.
But we face pressure to make these sites bloated.
I bet if you went to a client and presented a 200 kilobyte site template, you’d be fired. Even if it looked great and somehow included all the tracking and ads and social media crap they insisted on putting in. It’s just so far out of the realm of the imaginable at this point.
The whole article is essential; you should stop what you’re doing and read it now if you haven’t already. But if you don’t have time, here’s the key point:
This is a screenshot from an NPR article discussing the rising use of ad blockers. The page is 12 megabytes in size in a stock web browser. The same article with basic ad blocking turned on is 1 megabyte.
That’s right, through the simple act of running an ad blocker, you’ve reduced that website’s payload by twelve times. Twelve! That’s like the most effective exercise program ever!
Even the traditional advice to keep websites lean and mean for mobile no longer applies because new mobile devices, at least on the Apple side, are faster than most existing desktops and laptops.
Despite claims to the contrary, the bad guy isn’t web bloat, per se. The bad guy is advertising. Unlimited, unfettered ad “tech” has creeped into everything and subsumed the web.
Personally I don’t even want to run ad blockers, and I didn’t for a long time – but it’s increasingly difficult to avoid running an ad blocker unless you want a clunky, substandard web experience. There’s a reason the most popular browser plugins are inevitably ad blockers, isn’t there? Just ask Google:
So it’s all the more surprising to learn that Google is suddenly clamping down hard on adblockers in Chrome. Here’s what the author of uBlock Origin, an ad blocking plugin for Chrome, has to say about today’s announcement:
In order for Google Chrome to reach its current user base, it had to support content blockers – these are the top most popular extensions for any browser. Google strategy has been to find the optimal point between the two goals of growing the user base of Google Chrome and preventing content blockers from harming its business.
The blocking ability of the webRequest API caused Google to yield control of content blocking to content blockers. Now that Google Chrome is the dominant browser, it is in a better position to shift the optimal point between the two goals which benefits Google’s primary business.
The deprecation of the blocking ability of the webRequest API is to gain back this control, and to further instrument and report how web pages are filtered, since the exact filters which are applied to web pages are useful information which will be collectable by Google Chrome.
The ad blockers themselves are arguably just as complicit. Eye/o GmbH owns AdBlock and uBlock, employs 150 people, and in 2016 they had 50 million euros in revenue, of which about 50% was profit. Google’s paid “Acceptable Ads” program is a way to funnel money into adblockers to, uh, encourage them to display certain ads. With money. Lots… and lots… of money. 🤑
We simultaneously have a very real web obesity crisis, and a looming crackdown on ad blockers, seemingly the only viable weight loss program for websites. What’s a poor web citizen to do? Well, there is one thing you can do to escape the need for browser-based adblockers, at least on your home network. Install and configure Pi-Hole.
I’ve talked about the amazing Raspberry Pi before in the context of classic game emulation, but this is another brilliant use for a Pi.
Here’s why it’s so cool. If you disable the DHCP server on your router, and let the Pi-Hole become your primary DHCP server, you get automatic DNS based blocking of ads for every single device on your network. It’s kind of scary how powerful DNS can be, isn’t it?
My Pi-Hole took me about 1 hour to set up, start to finish. All you need is
I do recommend the 3b+ because it has native gigabit ethernet and a bit more muscle. But literally any Raspberry Pi you can find laying around will work, though I’d strongly advise you to pick one with a wired ethernet port since it’ll be your DNS server.
I’m not going to write a whole Pi-Hole installation guide, because there are lots of great ones out there already. It’s not difficult, and there’s a slick web GUI waiting for you once you complete initial setup. For your initial testing, pick any IP address you like on your network that won’t conflict with anything active. Once you’re happy with the basic setup and web interface:
Once you do this, all your network devices will start to grab their DHCP leases from your Pi-Hole, which will also tell them to route all their DNS requests through the Pi-Hole, and that’s when the ✨ magic ✨ happens!
All those DNS requests from all the devices on your network will be checked against the ad blacklists; anything matching is quickly and silently discarded before it ever reaches your browser.
(The Pi-Hole also acts as a caching DNS server, so repeated DNS requests will be serviced rapidly from your local network, too.)
If you’re worried about stability or reliability, you can easily add a cheap battery backed USB plug, or even a second backup Pi-Hole as your secondary DNS provider if you prefer belt and suspenders protection. Switching back to plain boring old vanilla DNS is as easy as unplugging the Pi and flicking the DHCP server setting in your router back on.
At this point if you’re interested (and you should be!), just give it a try. If you’re looking for more information, the project has an excellent forum full of FAQs and roadmaps.
You can even vote for your favorite upcoming features!
I avoided the Pi-Hole project for a while because I didn’t need it, and I’d honestly rather jump in later when things are more mature.
With the latest Chrome crackdown on ad blockers, now is the time, and I’m impressed how simple and easy Pi-Hole is to run. Just find a quiet place to plug it in, spend an hour configuring it, and promptly proceed to forget about it forever as you enjoy a lifetime subscription to a glorious web ad instant weight loss program across every single device on your network with (almost) zero effort!
Finally, an exercise program I can believe in.
]]>I’m not talking about a cheapo shared cpanel server, either, I mean a dedicated virtual private server with those specifications.
We
]]>When we started Discourse in 2013, our server requirements were high:
I’m not talking about a cheapo shared cpanel server, either, I mean a dedicated virtual private server with those specifications.
We were OK with that, because we were building in Ruby for the next decade of the Internet. I predicted early on that the cost of renting a suitable VPS would drop to $5 per month, and courtesy of Digital Ocean that indeed happened in January 2018.
The cloud got cheaper, and faster. Not really a surprise, since the price of hardware trends to zero over time. But it’s still the cloud, and that means it isn’t exactly cheap. It is, after all, someone else’s computer that you pay for the privilege of renting.
But wait… what if you could put your own computer “in the cloud”?
Wouldn’t that be the best of both worlds? Reliable connectivity, plus a nice low monthly price for extremely fast hardware? If this sounds crazy, it shouldn’t – Mac users have been doing this for years now.
I suppose it’s understandable that Mac users would be on the cutting edge here since Apple barely makes server hardware, whereas the PC world has always been the literal de-facto standard for server hardware.
Given the prevalence and maturity of cloud providers, it’s even a little controversial these days to colocate actual servers. We’ve also experimented with colocating mini-pcs in various hosting roles. I’m still curious why there isn’t more of a cottage industry for colocating mini PCs. Because… I think there should be.
I originally wrote about the scooter computers we added to our Discourse infrastructure in 2016, plus my own colocation experiment that ran concurrently. Over the last three years of both experiments, I’ve concluded that these little boxes are plenty reliable, with one role specific caveat that I’ll explain in the comments. I remain an unabashed fan of mini-PC colocation. I like it so much I put together a new 2019 iteration:
2017 — $670 | 2019 — $820 |
i7-7500u 2.7-3.5 Ghz, 2c / 4t | i7-8750h 2.2-4.1 Ghz, 6c / 12t |
16GB DDR3 RAM | 32GB DDR4 RAM |
500GB SATA SSD | 500GB NVMe SSD |
This year’s scooter computer offers 3× the cores, 2× the memory, and 3× faster drive. It is, as the kids say… an absolute unit. 😱
It also has a rather elegant dual-sided internal layout. There is a slot for an old-school 2.5″ drive, plus built in wi-fi, but you won’t see it in my pictures because I physically removed both.
I vetted each box via my recommended burn in and stability testing and they all passed with flying colors, though I did have to RMA one set of dodgy RAM sticks in the process. The benchmarks tell the story, as compared to the average Digital Ocean droplet:
Per-core performancesysbench cpu --cpu-max-prime=20000 run
DO Droplet | 2,988 |
2017 Mini-PC | 4,800 |
2019 Mini-PC | 5,671 |
Multi-core performancesysbench cpu --cpu-max-prime=40000 --num-threads=8 run
DO Droplet | 2,200 |
2017 Mini-PC | 5,588 |
2019 Mini-PC | 14,604 |
Disk performancedd bs=1M count=512 if=/dev/zero of=test conv=fdatasync
hdparm -Tt /dev/sda
DO Droplet | 701 / 8818 / 471 MB/sec |
2017 Mini-PC | 444 / 12564 / 505 MB/sec |
2019 Mini-PC | 1200 / 17919 / 3115 MB/sec |
Discourse rebuildtime ./launcher rebuild app
DO Droplet | 6:59 |
2017 Mini-PC | 3:41 |
2019 Mini-PC | 3:24 |
Power consumption could be a concern, as the 2017 version had a much lower 15 watt TDP, compared to the 45 watts of this version. That 3× increase in core count ain’t free! So I tested that, too, with a combination of i7z
, stress
, and my handy dandy watt meter.
(idle login) | 800 Mhz | 10w |
stress --cpu 1 | 4.1 GHz | 30w |
stress --cpu 2 | 4.1 GHz | 42w |
stress --cpu 3 | 4.0 GHz | 53w |
stress --cpu 4 | 3.9 GHz | 65w |
stress --cpu 5 | 3.7 GHz | 65w |
stress --cpu 6 | 3.5 GHz | 65w |
stress --cpu 12 | 3.3 Ghz | 65w |
I’d expect around 10 - 20 watts doing typical low-load stuff that isn’t super CPU intensive. Note that running current-ish versions of mprime
jacks power consumption up to 75w 🔥 and the overall clock scales down to 3.1 Ghz… let me tell you, I’ve learned to be very, very afraid of AVX2 extensions.
(If you’re worried about noise, don’t be. This active cooling solution is clearly overkill for a 65w load, because it barely spun up at all even under full core load. It was extremely quiet.)
So we’re happy that this machine is a slammin’ deal for $820, it’s super fast, and plenty reliable. But how about colocation costs? My colocation provider is EndOffice out of Boston, and they offer very competitive rates to colocate a Mini-PC: $29/month.
I personally colocate three Mini-PCs for redundancy and just-in-case; there are discounts for colocating more than one. Here they are racked up and in action. Of course I labelled the front and rear before shipping because that’s how I roll.
Let’s break this down and see what the actual costs of colocating a Mini-PC are versus the cloud. Given the plateauing of CPU speeds, I think five years of useful life for these boxes is realistic, but let’s assume a conservative three year lifespan to be safe.
That’s $2,044 for three years of hosting. How can we do on Digital Ocean? Per their current pricing page:
This isn’t quite apples to apples, as we are getting an extra 140GB of disk and 2 bonus CPUs, but those CPUs are both slower and partially consumed by multi-tenancy compared to our brand new dedicated, isolated CPUs. (I was curious about this, so I just spun up a new $160/month DO instance for a quick test. The sysbench
results are 4086 and 11760 respectively, considerably below the 2019 Mini-PC results, above.) As you can see, you pay almost three times as much for a cloud server. 🤑
I’m not saying this is for everyone. If you just need to spin up a quick server or two for testing and experimentation, there’s absolutely no way you need to go to the trouble and up-front cost of building and then racking colocated mini-pcs. There’s no denying that spinning servers up in the cloud offers unparalleled flexibility and redundancy. But if you do have need for dedicated computing resources over a period of years, then building your own small personal cloud, with machines you actually own, is not only one third the cost but also… kinda cool?
If you’d also like to embark upon this project, you can get the same Partaker B18 box I did for $490 from Amazon, or $460 direct from China via AliExpress. Add memory and drive to taste, build it up, then check out endoffice.com who I can enthusiastically recommend for colocation, or the colocation provider of your choice.
Get something cool hosted out there; let’s do our part to keep the internet fun and weird!
]]>We built a sort of Wikipedia website for computer programmers to post questions and answers. It’s called Stack]]>
I sometimes get asked by regular people in the actual real world what it is that I do for a living, and here’s my 15 second answer:
We built a sort of Wikipedia website for computer programmers to post questions and answers. It’s called Stack Overflow.
As of last month, it’s been 10 years since Joel Spolsky and I started Stack Overflow. I currently do other stuff now, and I have since 2012, but if I will be known for anything when I’m dead, clearly it is going to be good old Stack Overflow.
Here’s where I’d normally segue into a bunch of rah-rah stuff about how great Stack Overflow is, and thus how implicitly great I am by association for being a founder, and all.
I do not care about any of that.
What I do care about, though, is whether Stack Overflow is useful to working programmers. Let’s check in with one of my idols, John Carmack. How useful is Stack Overflow, from the perspective of what I consider to be one of the greatest living programmers?
I won’t lie, September 17th, 2013 was a pretty good day. I literally got chills when I read that, and not just because I always read the word “billions” in Carl Sagan’s voice. It was also pleasantly the opposite of pretty much every other day I’m on Twitter, scrolling through an oppressive, endless litany of shared human suffering and people screaming at each other. Which reminds me, I should check my Twitter and see who else is wrong on the Internet today.
I am honored and humbled by the public utility that Stack Overflow has unlocked for a whole generation of programmers. But I didn’t do that.
All those “fun size” units of Q&A collectively contributed by working programmers from all around the world ended up building a Creative Commons resource that truly rivals Wikipedia within our field. That’s... incredible, actually.
But success stories are boring. The world is filled with people that basically got lucky, and subsequently can’t stop telling people how it was all of their hard work and moxie that made it happen. I find failure much more instructive, and when building a business and planning for the future, I take on the role of Abyss Domain Expert™ and begin a staring contest. It’s just a little something I like to do, you know... for me.
Thus, what I’d like to do right now is peer into that glorious abyss for a bit and introspect about the challenges I see facing Stack Overflow for the next 10 years. Before I begin, I do want to be absolutely crystal clear about a few things:
Stack Overflow ultimately has much more in common with Wikipedia than a discussion forum. By this I mean questions and answers on Stack Overflow are not primarily judged by their usefulness to a specific individual, but by how many other programmers that question or answer can potentially help over time. I tried as hard as I could to emphasize this relationship from launch day in 2008. Note who has top billing in this Venn diagram.
Stack Overflow later added a super neat feature to highlight this core value in user profiles, where it shows how many other people you have potentially helped with your contributed questions and answers so far.
The most common complaints I see about Stack Overflow are usually the result of this fundamental misunderstanding about who the questions and answers on the site are ultimately for, and why there’s so much strictness involved in the whole process.
I’m continually amazed at the number of people, even on Hacker News today, who don’t realize that every single question and answer is editable on Stack Overflow, even as a completely anonymous user who isn’t logged in. Which makes sense, right, because Stack Overflow is a wiki, and that’s how wikis work. Anyone can edit them. Go ahead, try it right now if you don’t believe me – press the “improve this answer” or “improve this question” button on anything that can be improved, and make it so.
The responsibility for this misunderstanding is all on Stack Overflow (and by that I also mean myself, at least up until 2012). I guess the logic is that “every programmer has surely seen, used, and understands Stack Overflow by now, 10 years in” but... I think that’s a risky assumption. New programmers are minted every second of every day. Complicating matters further, there are three tiers of usage at Stack Overflow, from biggest to smallest, in inverted pyramid style:
(There’s technically a fourth tier here, for people who want to selflessly contribute creative commons questions and answers to move the entire field of software development forward for the next generation of software developers. But who has time for saints 😇, y’all make the rest of us look bad, so knock it off already, Skeet.)
It wouldn’t shock me at all if people spent years happily at tier 1 and then got a big unpleasant surprise when reaching tier 2. The primary place to deal with this, in my opinion, is a massively revamped and improved ask page. It’s also fair to note that maybe people don’t understand that they’re signing up for a sizable chunk of work by implicitly committing to the wiki standard of “try to make sure it’s useful to more people than just yourself” when asking a question on Stack Overflow, and are then put off by the negative reaction to what others view as an insufficiently researched question.
Stack Overflow absorbs so much tension from its adoption of wiki standards for content. Even if you know about that requirement up front, it is not always clear what “useful” means, in the same way it’s not always clear what topics, people, and places are deserving of a Wikipedia page. Henrietta Lacks, absolutely, but what about your cousin Dave in Omaha with his weirdo PHP 5.6 issue?
Here’s one thing I really, really saw coming and to be honest with you I was kinda glad I left in 2012 before I had to deal with it because of the incredible technical difficulty involved: duplicates. Of all the complaints I hear about Stack Overflow, this is the one I am most sympathetic to by far.
If you accept that Stack Overflow is a wiki type system, then for the same reasons that you obviously can’t have five different articles about Italy on Wikipedia, Stack Overflow can’t allow duplicate questions on the exact same programming problem. While there is a fair amount of code to do pre-emptive searches as people type in questions, plus many exhortations to search before you ask, with an inviting search field and button right there on the mandatory page you see before asking your first question...
...locating and identifying duplicate content is an insanely difficult problem even for a company like Google that’s done nothing but specialize in this exact problem for, what, 20 years now, with a veritable army of the world’s most talented engineers.
When you’re asking a question on a site that doesn’t allow duplicate questions, the problem space of a site with 1 million existing questions is rather different from a site with 10 million existing questions... or 100 million. Asking a single unique question goes from mildly difficult to mission almost impossible, because your question needs to thread a narrow path through this vast, enormous field of prior art questions without stepping on any of the vaguely similar looking landmines in the process.
But wait! It gets harder!
I don’t have any real answers on the duplicate problem, which only gets worse over time. But I will point out that there is plenty of precedent on the Stack Exchange network for splitting sites into “expert” and “beginner” areas with slightly different rulesets. We’ve seen this for Math vs. MathOverflow, English vs. English Learners, Unix vs. Ubuntu... perhaps it’s time for a more beginner focused Stack Overflow where duplicates are less frowned upon, and conversational rules are a bit more lenient?
Stack Overflow was indeed built to be a fairly explicitly competitive system, with the caveat that “there’s always more than one way to do it.” This design choice was based on my perennial observation that the best way to motivate any programmer... is to subtly insinuate that another programmer could have maybe done it better.
This is manifested in the public reputation system on Stack Overflow, the incredible power of a number printed next to someone’s name, writ large. All reputation in Stack Overflow comes from the recognition of your peers, never the “system.”
Once your question is asked, or your answer is posted, it can then be poked, prodded, edited, flagged, closed, opened, upvoted, downvoted, folded and spindled by your peers. The intent is for Stack Overflow to be a system of peer review and friendly competition, like a code review from a coworker you’ve never met at a different division of the company. It’s also completely fair for a fellow programmer to question the premise of your question, as long as it’s done in a nice way. For example, do you really want to use that regular expression to match HTML?
I fully acknowledge that competitive peer review systems aren’t for everyone, and thus the overall process of having peers review your question may not always feel great, depending on your circumstances and background in the field – particularly when combined with the substantial tensions around utility and duplicates Stack Overflow already absorbed from its wiki elements. Kind of a double whammy there.
I’ve heard people describe the process of asking a question on Stack Overflow as anxiety inducing. To me, posting on Stack Overflow is supposed to involve a healthy kind of minor “let me be sure to show off my best work” anxiety:
I imagine systems where there is zero anxiety involved and I can only think of jobs where I had long since stopped caring about the work and thus had no anxiety about whether I even showed for work on any given day. How can that be good? Let’s just say I’m not a fan of zero-anxiety systems.
Maybe competition just isn’t your jam. Could there be a less competitive Q&A system, a system without downvotes, a system without close votes, where there was never any anxiety about posting anything, just a network of super supportive folks who believe in you and want you to succeed no matter what? Absolutely! I think many alternative sites should exist on the internet so people can choose an experience that matches their personal preferences and goals. Should Stack build that alternative? Has it already been built? It’s an open question; feel free to point out examples in the comments.
Another point of confusion that comes up a fair bit is who the intended audience for Stack Overflow actually is. That one is straightforward, and it’s been the same from day one:
Q&A for professional and enthusiast programmers. By that we mean:
People who either already have a job as a programmer, or could potentially be hired as a programmer today if they wanted to be.
Yes, in case you’re wondering, part of this was an overt business decision. To make money you must have an audience of people already on a programmer’s salary, or in the job hunt to be a programmer. The entire Stack Overflow network may be Creative Commons licensed, but it was never a non-profit play. It was planned as a sustainable business from the outset, and that’s why we launched Stack Overflow Careers only one year after Stack Overflow itself... to be honest far sooner than we should have, in retrospect. Careers has since been smartly subsumed into Stack Overflow proper at stackoverflow.com/jobs for a more integrated and most assuredly way-better-than-2009 experience.
The choice of audience wasn’t meant to be an exclusionary decision in any way, but Stack Overflow was definitely designed as a fairly strict system of peer review, which is great (IMNSHO, obviously) for already practicing professionals, but pretty much everything you would not want as a student or beginner. This is why I cringe so hard I practically turn myself inside out when people on Twitter mention that they have pointed their students at Stack Overflow. What you’d want for a beginner or a student in the field of programming is almost the exact opposite of what Stack Overflow does at every turn:
These are all very fine and good things, but Stack Overflow does NONE of them, by design.
Can you use Stack Overflow to learn how to program from first principles? Well, technically you can do anything with any software. You could try to have actual conversations on Reddit, if you’re a masochist. But the answer is yes. You could learn how to program on Stack Overflow, in theory, if you are a prodigy who is comfortable with the light competitive aspects (reputation, closing, downvoting) and also perfectly willing to define all your contributions to the site in terms of utility to others, not just yourself as a student attempting to learn things. But I suuuuuuper would not recommend it. There are far better websites and systems out there for learning to be a programmer. Could Stack Overflow build beginner and student friendly systems like this? I don’t know, and it’s certainly not my call to make. 🤔
And that’s it. We can now resume our normal non-abyss gazing. Or whatever it is that passes for normal in these times.
I hope all of this doesn’t come across as negative. Overall I’d say the state of the Stack is strong. But does it even matter what I think? As it was in 2008, so it is in 2018.
Stack Overflow is you.
This is the scary part, the great leap of faith that Stack Overflow is predicated on: trusting your fellow programmers. The programmers who choose to participate in Stack Overflow are the “secret sauce” that makes it work. You are the reason I continue to believe in developer community as the greatest source of learning and growth. You are the reason I continue to get so many positive emails and testimonials about Stack Overflow. I can’t take credit for that. But you can.
I learned the collective power of my fellow programmers long ago writing on Coding Horror. The community is far, far smarter than I will ever be. All I can ask — all any of us can ask — is to help each other along the path.
And if your fellow programmers decide to recognize you for that, then I say you’ve well and truly earned it.
The strength of Stack Overflow begins, and ends, with the community of programmers that power the site. What should Stack Overflow be when it grows up? Whatever we make it, together.
p.s. Happy 10th anniversary Stack Overflow!
Also see Joel’s take on 10 years of Stack Overflow with The Stack Overflow Age, A Dusting of Gamification, and Strange and Maddening Rules.
]]>Mysterious hooded computer guys doing mysterious hooded computer guy... things! Who knows what kind of naughty digital mischief they might be up to?
Unfortunately, we now live in a world where this kind of digital mischief is literally rewriting the world’s history. For proof
]]>Remember “cybersecurity”?
Mysterious hooded computer guys doing mysterious hooded computer guy... things! Who knows what kind of naughty digital mischief they might be up to?
Unfortunately, we now live in a world where this kind of digital mischief is literally rewriting the world’s history. For proof of that, you need look no further than this single email that was sent March 19th, 2016.
If you don’t recognize what this is, it is a phishing email.
This is by now a very, very famous phishing email, arguably the most famous of all time. But let’s consider how this email even got sent to its target in the first place:
On successful phish leads to an even wider address book attack net down the line. Once they gain access to a person’s inbox, they use it to prepare to their next attack. They’ll harvest existing email addresses, subject lines, content, and attachments to construct plausible looking boobytrapped emails and mail them to all of their contacts. How sophisticated and targeted to a particular person this effort is determines whether it’s so-called “spear” phishing or not.
In this case is it was not at all targeted. This is a remarkably unsophisticated, absolutely generic routine phishing attack. There is zero focused attack effort on display here. But note the target did not immediately click the link in the email!
Instead, he did exactly what you’d want a person to do in this scenario: he emailed IT support and asked if this email was valid. But IT made a fatal mistake in their response.
Do you see it? Here’s the kicker:
Mr. Delavan, in an interview, said that his bad advice was a result of a typo: He knew this was a phishing attack, as the campaign was getting dozens of them. He said he had meant to type that it was an “illegitimate” email, an error that he said has plagued him ever since.
One word. He got one word wrong. But what a word to get wrong, and in the first sentence! The email did provide the proper Google address to reset your password. But the lede was already buried since the first sentence said “legitimate;” the phishing link in that email was then clicked. And the rest is literally history.
What’s even funnier (well, in the way of gallows humor, I guess) is that public stats were left enabled for that bit.ly tracking link, so you can see exactly what crazy domain that “Google login page” resolved to, and that it was clicked exactly twice, on the same day it was mailed.
As I said, these were not exactly sophisticated attackers. So yeah, in theory an attentive user could pay attention to the browser’s address bar and notice that after clicking the link, they arrived at
http://myaccount.google.com-securitysettingpage.tk/security/signinoptions/password
instead of
https://myaccount.google.com/security
Note that the phishing URL is carefully constructed so the most “correct” part is at the front, and weirdness is sandwiched in the middle. Unless you’re paying very close attention and your address bar is long enough to expose the full URL, it’s… tricky. See this 10 second video for a dramatic example.
(And if you think that one’s good, check out this one. Don’t forget all the Unicode look-alike trickery you can pull, too.)
I originally wrote this post as a presentation for the Berkeley Computer Science Club back in March, and at that time I gathered a list of public phishing pages I found on the web.
nightlifesofl.com
ehizaza-limited.com
tcgoogle.com
appsgoogie.com
security-facabook.com
Of those five examples from 6 months ago, one is completely gone, one loads just fine, and three present an appropriately scary red interstitial warning page that strongly advises you not to visit the page you’re trying to visit, courtesy of Google’s safe browsing API. But of course this kind of shared blacklist domain name protection will be completely useless on any fresh phishing site. (Don’t even get me started on how blacklists have never really worked anyway.)
It doesn’t exactly require a PhD degree in computer science to phish someone:
I want to emphasize that although clearly mistakes were made in this specific situation, none of the people involved here were amateurs. They had training and experience. They were working with IT and security professionals. Furthermore, they knew digital attacks were incoming.
The… campaign was no easy target; several former employees said the organization put particular stress on digital safety.
Work emails were protected by two-factor authentication, a technique that uses a second passcode to keep accounts secure. Most messages were deleted after 30 days and staff went through phishing drills. Security awareness even followed the campaigners into the bathroom, where someone put a picture of a toothbrush under the words: “You shouldn’t share your passwords either.”
The campaign itself used two factor auth extensively, which is why personal Gmail accounts were targeted, because they were less protected.
The key takeaway here is that it’s basically impossible, statistically speaking, to prevent your organization from being phished.
Or is it?
Nobody is doing better work in this space right now than Maciej Ceglowski and Tech Solidarity. Their list of basic security precautions for non-profits and journalists is pure gold and has been vetted by many industry professionals with security credentials that are actually impressive, unlike mine. Everyone should read this list very closely, point by point.
Everyone?
Computers, courtesy of smartphones, are now such a pervasive part of average life for average people that there is no longer any such thing as “computer security.” There is only security. In other words, these are normal security practices everyone should be familiar with. Not just computer geeks. Not just political activists and politicians. Not just journalists and nonprofits.
Everyone.
It is a fair bit of reading, so because I know you are just as lazy as I am, and I am epically lazy, let me summarize what I view as the three important takeaways from the hard work Tech Solidarity put into these resources. These three short sentences are the 60 second summary of what you want to do, and what you want to share with others so they do, too.
1) Enable Two Factor authentication through an app, and not SMS, everywhere you can.
Logging in with only a password, now matter how long and unique you attempt to make that password, will never be enough. A password is what you know; you need to add the second factor of something you have (or something you are) to achieve significant additional security. SMS can famously be intercepted, social engineered, or sim-jacked all too easily. If it’s SMS, it’s not secure, period. So install an authenticator app, and use it, at least for your most important credentials such as your email account and your bank.
Have I mentioned that Discourse added two factor authentication support in version 2.0, and our just released 2.1 adds printed backup codes, too? There are two paths forward: you can talk about the solution, or you can build the solution. I’m trying to do both to the best of my ability. Look for the 2FA auth option in your user preferences on your favorite Discourse instance. It’s there for you.
(This is also a company policy at Discourse; if you work here, you 2FA everything all the time. No other login option exists.)
2) Make all your passwords 11 characters or more.
It’s a long story, but anything under 11 characters is basically the same as having no password at all these days. I personally recommend at least 14 characters, maybe even 16. But this won’t be a problem for you, because...
3) Use a password manager.
If you use a password manager, you can simultaneously avoid the pernicious danger of password re-use and the difficulty of coming up with unique and random passwords all the time. It is my hope in the long run that cloud based password management gets deeply built into Android, iOS, OSX, and Windows so that people don’t need to run a weird mélange of third party apps to achieve this essential task. Password management is foundational and should not be the province of third parties on principle, because you never outsource a core competency.
Bonus rule! For the particularly at-risk, get and use a U2F key.
In the long term, two factor through an app isn’t quite secure enough due to the very real (and growing) specter of real-time phishing. Authentication apps offer timed keys that expire after a minute or two, but if the attacker can get you to type an authentication key and relay it to the target site fast enough, they can still log in as you. If you need ultimate protection, look into U2F keys.
I believe U2F support is still too immature at the moment, particularly on mobile, for this to be practical for the average person right now. But if you do happen to fall into those groups that will be under attack, you absolutely want to set up U2F keys where you can today. They’re cheap, and the good news is that they literally make phishing impossible at last. Given that Google had 100% company-wide success against phishing with U2F, we know this works.
In today’s world, computers are now so omnipresent that there is no longer any such thing as cybersecurity, online security, or computer security – there’s only security. You either have it, or you don’t. If you follow and share these three rules, hopefully you too can have a modicum of security today.
]]>I didn’t choose to be a programmer. Somehow, it seemed, the computers chose me. For a long time, that was fine, that was enough; that was all I needed. But along the way I never felt that being a programmer was this unambiguously great-for-everyone career field with zero downsides. There are absolutely occupational hazards of being a programmer, and one of my favorite programming quotes is an allusion to one of them:
It should be noted that no ethically-trained software engineer would ever consent to write aDestroyBaghdad
procedure. Basic professional ethics would instead require him to write aDestroyCity
procedure, to which Baghdad could be given as a parameter.
Which reminds me of another joke people were telling in 2015:
Donald Trump is basically a comment section running for president
Which is troubling because technically, technically, I run a company that builds comment sections.
Here at the tail end of 2017, from where I sit neither of these jokes seem particularly funny to me any more. Perhaps I have lost the capacity to feel joy as a human being? Haha just kidding!... kinda.
Remember in 2011 when Marc Andreeseen said that “Software is eating the world”?
That used to sound all hip and cool and inspirational, like “Wow! We software developers really are making a difference in the world!” and now for the life of me I can’t read it as anything other than an ominous warning that we just weren’t smart enough to translate properly at the time. But maybe now we are.
I’ve said many, many times that the key to becoming an experienced software developer is to understand that you are, at all times, your own worst enemy. I don’t mean this in a negative way – you have to constantly plan for and design around your inevitable human mistakes and fallibility. It’s fundamental to good software engineering because, well, we’re all human. The good-slash-bad news is that you’re only accidentally out to get yourself. But what happens when we’re infinitely connected and software is suddenly everywhere, in everyone’s pockets every moment of the day, starting to approximate a natural extension of our bodies? All of a sudden those little collective social software accidents become considerably more dangerous:
The issue is bigger than any single scandal, I told him. As headlines have exposed the troubling inner workings of company after company, startup culture no longer feels like fodder for gentle parodies about ping pong and hoodies. It feels ugly and rotten. Facebook, the greatest startup success story of this era, isn’t a merry band of hackers building cutesy tools that allow you to digitally Poke your friends. It’s a powerful and potentially sinister collector of personal data, a propaganda partner to government censors, and an enabler of discriminatory advertising.
I’m reminded of a particular Mitchell and Webb skit: “Are we the baddies?”
On the topic of unanticipated downsides to technology, there is no show more essential than Black Mirror. If you haven’t watched Black Mirror yet, do not pass go, do not collect $200, go immediately to Netflix and watch it. Go on! Go ahead!
⚠ Fair warning: please DO NOT start with season 1 episode 1 of Black Mirror! Start with season 3, and go forward. If you like those, dip into season 2 and the just-released season 4, then the rest. But humor me and please at least watch the first episode of season 3.
The technology described in Black Mirror can be fanciful at times, but several episodes portray disturbingly plausible scenarios with today’s science and tech, much less what we’ll have 20 to 50 years from now. These are very real cautionary tales, and some of this stuff is well on its way toward being realized.
Programmers don’t think of themselves as people with the power to change the world. Most programmers I know, including myself, grew up as nerds, geeks, social outcasts. Did I ever tell you about the time I wrote a self-destructing Apple // boot disk program to let a girl in middle school know that I liked her? I was (and still am) a terrible programmer, but oh man did I ever test the heck out of that code before copying on to her school floppy disc. But I digress. What do you do when you wake up one day and software has kind of eaten the world, and it is no longer clear if software is in fact an unambiguously good thing, like we thought, like everyone told us… like we wanted it to be?
Months ago I submitted a brief interview for a children’s book about coding.
I recently received a complimentary copy of the book in the mail. I paged to my short interview, alongside the very cool Kiki Prottsman. I had no real recollection of the interview questions after the months of lead time it takes to print a physical book, but reading the printed page, I suddenly hit myself over the head with the very answer I had been searching my soul for these past 6 months:
In attempting to simplify my answers for an audience of kids, I had concisely articulated the one thing that keeps me coming back to software: to serve man. Not on a platter, for bullshit monetization – but software that helps people be the best version of themselves.
And you know why I do it? I need that help, too. I get tired, angry, upset, emotional, cranky, irritable, frustrated and I need to be reminded from time to time to choose to be the better version of myself. I don’t always succeed. But I want to. And I believe everyone else – for some reasonable statistical value of everyone else – fundamentally does, too.
That was the not-so-secret design philosophy behind Stack Overflow, that by helping others become better programmers, you too would become a better programmer. It’s unavoidable. And, even better, if we leave enough helpful breadcrumbs behind for those that follow us, we collectively advance the whole of programming for everyone.
I apologize for not blogging much in 2017. I’ve certainly been busy with Discourse which is actually going great; we grew to 21 people and gave $55,000 back this year to the open source ecosystem we build on. But that’s no excuse. The truth is that it’s been hard to write because this has been a deeply troubling year in so many dimensions – for men, for tech, for American democracy. I’m ashamed of much that happened, and I think one of the first and most important steps we can take is to embrace explicit codes of conduct throughout our industry. I also continue to believe, if we start to think more holistically about what our software can do to serve all people, not just ourselves personally (or, even worse, the company we work for) – that software can and should be part of the solution.
I tried to amplify on these thoughts in recent podcasts:
![]() | Community Engineering Report with Kim Crayton |
![]() | Developer on Fire with Dave Rael |
![]() | Dorm Room Tycoon with William Channer |
Software is easy to change, but people... aren’t. So in the new year, as software developers, let’s make a resolution to focus on the part we can change, and keep asking ourselves one very important question: how can our software help people become the best version of themselves?
]]>