Little bit of an aside: Why do most infosec practitioners prefer conferences like BlackHat and RSA to Bsides and Def Con? The price differences are staggering.
BlackHat is run by the same people as DefCon. BlackHat is their (very success) attempt to monetize the infamy surrounding DefCon. Many of the talks you see at BlackHat will appear (usually watered down) at DefCon.
Black Hat has become the premiere vulnerability research conference, and, like the top science journals, there's a prestige effect to being accepted. Also, unlike Defcon, Black Hat isn't an entertainment event; if your talk is accepted at BH, there's no uncertainty about whether it's there because it's "fun" or there because it (supposedly) makes contributions.
Black Hat's talks are, as vuln research, generally much better than Defcon's. And Bsides is literally a conference defined by talks that are perceived as not strong enough to make it into Black Hat. That's why it's called "B-Sides". As with music, there are some B-sides that are better than their A-side. Some.
I don't know that many people in my field who take RSA all that seriously. I don't, and I'm continually annoyed by credible people in my industry twerping about submitting or attending RSA talks. RSA is a marketing conference.
Finally, with regards to price: I recommend against paying for your own Black Hat ticket. I have no insider information here, but I've been in the industry for a long time, some substantial amount of which was spent doing marketing professionally, and my insight about BH tickets is this: the two most important vectors acting on BH ticket prices are:
* The maximum price that companies will pay for a professional development event for their employees (this was the original goal of Black Hat: to come up with a way to get companies to expense Defcon)
* The sweet spot between attendance and ticket price that maximizes what sponsors will pay for sponsorships. Too high and attendance drops so much that impressions don't justify Gold sponsorship. Too low and the median attendee is no longer a prospect for most potential sponsors.
Neither of these two forces are about you, the conference-goer.
So my practical recommendations are:
* If your employer is footing the bill, get them to pay for Black Hat. Chances are it makes not a whole lot of difference at the margin whether they pay for Black Hat or Defcon; what they'll remember is "paying for you to go to an event", not how much the event cost. Black Hat is expensive, but it's not expensive relative to other professional development events in other spaces.
* Otherwise, pay for B-sides and (depending on utilikilt tolerances) maybe Defcon, but arrive in Vegas on Tuesday night and lobby-conf Black Hat. For the past several years BH has been at Mandalay Bay, and there's a big, terrible bar right at the food of the conference center that everyone hangs out in. Just treat that bar like the conference and tag along with people to events. Go to B-Sides for any talks you're particularly interested in.
* Don't ever go to RSA.
Other cheaper, credible, non-BH vuln research events include Infiltrate, Recon, and CanSecWest. They differ sharply in size w/ Black Hat, but not quality.
What's never discussed is HN's "voting hellban". That is, you are permitted to upvote/downvote, but your votes don't ever actually count. This is the case with my account, but it's never discussed or documented anywhere.
HN has various software and moderation penalties that can be applied to accounts that routinely break the site guidelines. That is the case with your account.
Some of these penalties involve voting, some involve ranking, others involve all kinds of different things. Taken together, they're one of the most important devices HN has to stave off a summary collapse into a disastrously worse place. There's no "voting hellban" (including on your account, some of whose votes count), but there are provisions for dropping votes and weighting them according to various criteria, which we're not going to disclose.
People sometimes think that HN maintains the quality it has (not great, but could be worse) purely by its own equilibrium. That's far from true. It takes major, conscious effort, and much of that effort—as much as possible—we encode into software. Without that it would be physically impossible to keep this place up, and would drive anyone mad to try.
Thank you. I understand why you wouldn't disclose the specific algorithms used, but perhaps issue a set of guidelines for not falling afoul of them?
For instance, I always access HN via a public VPN service, and I suspect coming from a shared IP may have an impact (I'm guessing, anyway). If this is a criteria, it would be nice to know.
Or a throttling delay versus other posters. I caught someone's eye on HN, and now I'm limited in how many comments I can post in a sliding window compared to other users.
That's neither true nor fair. We sometimes fall behind on emails, and I had several dozen to answer before getting to yours, which is currently next in the queue.
Coming here to see the context before answering your email is an ironic moment to encounter snark about us not answering emails. If you'd merely said we were too slow, I'd fully agree.
Apologies, I wasn't aware of the backlog. It wasn't intentionally snarky - if I ran a board as popular as this, prioritizing popular accounts would be sensible thing for me to do, so I assumed.
Verified it with both a throwaway and a friend. Also, my 0 minute posts always end up near the bottom of the page, as if I had on the order of 10 karma.
Right, but I mean what did you look at to "verify" it? The upvote count of the post? Why did you need a friend to verify it? If you are logged in vs. out, is the upvote count different?
That is a highly nasty and unethical thing to do to an unsuspecting user who spends time carefully moderating the discussion and trying to help the site.
On the other hand, it's a great way to handle someone who assists spammers or astroturfers.
Hellbanning exists in a subtler form, though. For instance, my account.
Top-level comments that are literally seconds old are typically posted about 2/3 down the page. None of my votes appear to actually count. It's been this way for several months.
I'm used to it, but it's still very annoying and I wish HN would actually acknowledge they do this.
Well, yes. The nominal standard here is whether the prejudice is against something the individual has choice over. One does not choose one's race, whereas once does choose one's own religion, even if raised in an environment suffused with it.
Choice and agency is the standard by which most people draw the line between generic prejudice and hate. It's no coincidence that gay rights dramatically improved along with widespread acceptance that, regarding sexual orientation, "I was born this way".
It's still the result of stereotypes and over-generalization. Islam is a religion with over a billion followers: trying to make any sort of statement about all of its followers is a fool's errand. I'm reminded of what my religious studies professor said: "There is no such thing as Christianity: there are Christianities". The Christianity of Pope Francis is not the Christianity of the Westboro Baptist Church, and the same holds true for Muslims.
To put it another way, the British Empire had a "merchantalist" foundation - maintain a positive balance of trade and surplus material assets by forcing its colonies to engage in trade on preferential terms - while the U.S. has been "free trade" oriented in its imperial years, with balance of trade being less important than retaining GDP.
Both have imperial dynamics, but for the U.S. the important part is being the "world's policeman" as it comes with the authority to destabilize regions and install puppets where their sovereign governments may act against U.S. interests. With this more limited administrative footprint, they're free to focus on use of violence and propaganda, while taking up domestic market policies that benefit net importer businesses and thus justify maintaining the empire.
Where people say that the Pax Americana is ending it is in part because the dynamic has grown more multipolar since the end of the Cold War, with a diverse group of nations asserting their interests without being overthrown.
From this halcyon point, there's more downside risk than upside going forward. Unless the cyclical nature of debt defaults suddenly stopped after centuries.
Living in SF is a choice, for technologists. In addition to the absurd rent, there is also the lifestyle nominally associated with the choice to live in SF. The bars, the restaurants, the nightlife, the shows, etc.
I fully agree. Personally I would hate to spend 50% of my earnings on a rental property month after month. Suppose there's not all that much that can be done about it given the constant population growth and everybody wanting to be close to urban centres. Makes it very competitive.
Fructose is linked to liver problems, and also creates far more glycation end-products than glucose (which could very well be part of the atherosclerosis explanation).
One problem is that glucose without fructose really doesn't taste very good at all. One option might be replacing sugars entirely with sugar alcohols with low intestinal distress, like erythritol.
Of course, we could always work to become a less decadent society, but that won't happen.
Glucose without fructose tastes perfectly acceptable. It's as flavorless as any simple sugar. It's about 0.75 times as sweet as sucrose. The mouth-feel is slightly different but still pleasant.
