I get that it's trying to be funny, but is it really no longer possible to create a website with a single arrow that doesn't have to pull down all this cruft ?
Agreed. I was curious as to how the random numbers were being generated (math.random()? Something else?), so I went to look at the source code. I expected `assets/js/src/application.js` to be the main file (I mean, look at that name. What else would it be?)
I start reading the code, and pretty soon it starts messing with the clipboard, and it even pulls in Flash [1]:
> // Config ZeroClipboard
> ZeroClipboard.config({
> moviePath: '/assets/flash/ZeroClipboard.swf',
> hoverClass: 'btn-clipboard-hover'
> })
In all honesty, this website serves more as an indication of why the TSA spending this much money on such code may actually be justified, rather than effectively mocking the cost, which I think was its intent. How many security holes do you think this website is subject to? Can we know for certain that none of these dependencies are malicious or contain backdoors?
Security can't be taken lightly. And yes - for an app like this, it's much more important that it be secure than that it look good. I doubt a browser application is really the right approach anyway, given those concerns.
Javascript is getting freakishly absurd. What is wrong with the JS ecosystem? This feels like XML all over again.
I know not all engineers do this, but this crap is what caused me to buy a new laptop. I was fine with my existing tools and workflow, but websites have gotten so slow and ridiculous. It's largely Javascript's fault.
I used to get angry about walled garden app stores, but lately I find myself hating the web. I don't dislike it, but I think we went on a really lame detour.
As an aside, Javascript ads are worse than Flash ads ever were.
In this case a few lines of CSS and a few lines of JavaScript would have delivered the exact same result, including all necessary responsiveness. We have gotten so far away from bare bones, non-jquery based development that this kind of heft has become the standard starting point for all projects. It certainly isn't my style, but then I didn't go to Stanford and don't work for a unicorn, so perhaps I am the unenlightened one.
That said, I don't think it's necessary to criticize a satirical project like this on technical grounds. The idea is great; the developer probably just used his boilerplate frameworks that are usually used for much more complex projects in order to save time.
Make 300k off a website and people make a competitor to mock the value you delivered. People are stupid and you can't win. They will always try to force everyone to race to the bottom, because if they can't have it why should you?
I'd love to see a ridiculously over-engineered version. Something like a website running in a browser in Windows 95 running in a javascript DOSBOX emulator.
They are probably just using a quickstart file that has all of those things included as defaults.
I have a repo I clone for my one-off projects with all the boilerplate I could possibly need for a weekend project. None of the projects actually end up using all of that stuff, but I'm not bothered by the lack of professional optimization in my "for fun only" projects.
Let's say you have a mobile app used by 1 billion people every day. It sounds crazy, but I bet a fair number of people in this forum contribute to such an application.
Imagine you want to make an optimization that increases battery life by 1%. Assume a 30Wh battery and that it's charged once per day. Over the two year lifetime of the phone, at $0.10 per KWh, that change would save your users 21.9 million dollars in aggregate. Even with a team of 40 people making $500,000 per year working for a year, you still increase the efficiency of society with that change!
(I know, this ignores the opportunity cost of adding a new feature before your competitor, or focusing on something that will bring more user happiness, or the externality that users don't notice the $0.00003 they're paying to supply your app with electricity. But the point is, we have a lot of power, and our time is much cheaper when multiplied proportionally to that impact.)
I think what your actual objection is that it's so easy to make a simple website with all that cruft. Much or all of that stuff comes in one of the easiest to find and download "starter packs" from Bootstrap. You can take the time to figure out what everything does and slim it down or just ship it.
Exactly! My first attempt was just 10 lines of HTML code, but it was a real pain to do the vertical centering on iOS. So I tried a Bootstrap template, saw that even they didn't do the centering on iOS, but was too lazy to change it back.
I feel like HN's nerd rage at stuff like this (the TSA expenditure) is the same reason many (if not most) engineers make less than they could. It's a very willful denial of a fact of how the world works (large organizations routinely pay large sums for seemingly very simple work).
I have a cheaper alternative. Get rid of TSA altogether. Travelling was a whole heck of a lot more fun in 1975. Since then it's been overreaction upon overreaction. Nobody is going to hijack a plane in this day and age because of the simple fact that the passengers will immediately revolt.
There are roughly 100k commercial flights per day, 36m flights per year.
Therefore, the probability of your flight being hijacked is 1 in 30 million, which is an absurdly low number. Note that only one of the 6 hijackings resulted in casualties, so the mortality rate even lower.
It's all security theatre. The TSA has stopped a dangerous person NEVER. I've lived around the world and airport security is bad everywhere. Australia's is terrible, German's is pretty bad, but the worst; the absolutely fucking worst is America's. I knew people who would pay more to fly through Canada to avoid American airports.
The pre-2001 airport security apparatus did a good job of keeping guns off planes, eliminating the most common hijacking scenario. Almost everything since then has been increased hassle for diminishing returns, with the most effective improvement being one of the least visible - hardening the cockpit doors.
"According to Mashable, the Transportation Security Administration apparently spent $47,000 on an app that is essentially a random number generator—it was briefly used to assign travelers to left or right lanes at airports.
As the website reported: “The app was used by TSA agents to randomly assign passengers to different pre-check lines as part of a now-discontinued program called ‘managed inclusion.’”
Such an app is widely viewed to be an extremely simple program to write. Many are questioning why a government agency overpaid for the app.
The revelation was published Sunday evening by Kevin Burke, a San Francisco-based developer, who received TSA documents in response to a Freedom of Information Act Request. The documents showed a $1.4 million price tag. However, the TSA has clarified that figure, stating that the app actually cost $47,000."
Such an app is widely viewed to be an extremely simple program to write.
Writing the app, as anyone who has done any consulting work would know, is often the easiest, least time-intensive part of a project. Anyone saying to themselves, "$47K? I could do it in ten lines of code!" should stick to coding and let the contract procurement folks do their job.
(I'm merely the messenger; hate-game disclaimers apply.)
Lets be practical, I am sure the actual app
- Works without network connection
- Metrics (offline syncronization)
- User logins
- Includes price of iPads themselves?
- Involved government and IBM personal
The UI looks nice, but there is more to this than a UI.
This should be implemented using a cryptographically secure random number generator. Presumably, the TSA requirements would specify some defense against an attacker being able to predict program outputs.
If you're alluding to a penny, I think you'll find that they cost more that $0.01. Probably a far better example wasteful government procurement than this app.
" Probably a far better example wasteful government procurement than this app."
Not really. If you were flipping the penny to get heads or tails and lost it, you could easily replace that penny with a coin, a washer, a stick from outside, a book...hundreds of things already around your home or office, many with no use or value. You can't look around you and find a replacement for the penny as a currency.
This left me thinking what could be the simplest implementation I could do, while keeping a good UX. I came up with this in 10mins: https://jsbin.com/xidefopuqe
Nice - you saved me the effort. But after I wouldn't have been able to resist the idea of tweaking the randomness and ended up spending the rest of the evening trying to perfect something that felt more random than random - including forays into Wikipedia and other searches to find prior examples... So really you've saved me hours of work!
Readit News
I start reading the code, and pretty soon it starts messing with the clipboard, and it even pulls in Flash [1]:
> // Config ZeroClipboard
> ZeroClipboard.config({
> moviePath: '/assets/flash/ZeroClipboard.swf',
> hoverClass: 'btn-clipboard-hover'
> })
In all honesty, this website serves more as an indication of why the TSA spending this much money on such code may actually be justified, rather than effectively mocking the cost, which I think was its intent. How many security holes do you think this website is subject to? Can we know for certain that none of these dependencies are malicious or contain backdoors?
Security can't be taken lightly. And yes - for an app like this, it's much more important that it be secure than that it look good. I doubt a browser application is really the right approach anyway, given those concerns.
[1] https://github.com/arik-so/tsa/blob/master/assets/js/src/app...
I know not all engineers do this, but this crap is what caused me to buy a new laptop. I was fine with my existing tools and workflow, but websites have gotten so slow and ridiculous. It's largely Javascript's fault.
I used to get angry about walled garden app stores, but lately I find myself hating the web. I don't dislike it, but I think we went on a really lame detour.
As an aside, Javascript ads are worse than Flash ads ever were.
I admit to thinking the dependency overkill for random arrows was part the joke. A la https://github.com/jezen/is-thirteen
That said, I don't think it's necessary to criticize a satirical project like this on technical grounds. The idea is great; the developer probably just used his boilerplate frameworks that are usually used for much more complex projects in order to save time.
Make a thing vanilla, people bitch about how it doesn't work on their phone.
http://bettermotherfuckingwebsite.com/
I have a repo I clone for my one-off projects with all the boilerplate I could possibly need for a weekend project. None of the projects actually end up using all of that stuff, but I'm not bothered by the lack of professional optimization in my "for fun only" projects.
But it will hurt your career. How will people know if you keep up with modern development techniques?
15. Rule of Optimization: Prototype before polishing. Get it working before you optimize it.[1]
[1] https://www.slingcode.com/ref/ProgrammingPhilosophies.pdf
Let's say you have a mobile app used by 1 billion people every day. It sounds crazy, but I bet a fair number of people in this forum contribute to such an application.
Imagine you want to make an optimization that increases battery life by 1%. Assume a 30Wh battery and that it's charged once per day. Over the two year lifetime of the phone, at $0.10 per KWh, that change would save your users 21.9 million dollars in aggregate. Even with a team of 40 people making $500,000 per year working for a year, you still increase the efficiency of society with that change!
(I know, this ignores the opportunity cost of adding a new feature before your competitor, or focusing on something that will bring more user happiness, or the externality that users don't notice the $0.00003 they're paying to supply your app with electricity. But the point is, we have a lot of power, and our time is much cheaper when multiplied proportionally to that impact.)
Dead Comment
Web app engineers display complexity like peacocks displaying their plumage.
Try "taxpayer rage".
http://www.cnn.com/2016/03/29/europe/hijacked-egypt-air-jet/
There are roughly 100k commercial flights per day, 36m flights per year.
Therefore, the probability of your flight being hijacked is 1 in 30 million, which is an absurdly low number. Note that only one of the 6 hijackings resulted in casualties, so the mortality rate even lower.
"According to Mashable, the Transportation Security Administration apparently spent $47,000 on an app that is essentially a random number generator—it was briefly used to assign travelers to left or right lanes at airports.
As the website reported: “The app was used by TSA agents to randomly assign passengers to different pre-check lines as part of a now-discontinued program called ‘managed inclusion.’”
Such an app is widely viewed to be an extremely simple program to write. Many are questioning why a government agency overpaid for the app.
The revelation was published Sunday evening by Kevin Burke, a San Francisco-based developer, who received TSA documents in response to a Freedom of Information Act Request. The documents showed a $1.4 million price tag. However, the TSA has clarified that figure, stating that the app actually cost $47,000."
Writing the app, as anyone who has done any consulting work would know, is often the easiest, least time-intensive part of a project. Anyone saying to themselves, "$47K? I could do it in ten lines of code!" should stick to coding and let the contract procurement folks do their job.
(I'm merely the messenger; hate-game disclaimers apply.)
That said, 47k still seems crazy high. I've never done Gov't consulting though. One hopes hardware was included in the contract?
300K sounds about right
Deleted Comment
This should be implemented using a cryptographically secure random number generator. Presumably, the TSA requirements would specify some defense against an attacker being able to predict program outputs.
I submitted https://github.com/arik-so/tsa/issues/4 about this issue.
Not really. If you were flipping the penny to get heads or tails and lost it, you could easily replace that penny with a coin, a washer, a stick from outside, a book...hundreds of things already around your home or office, many with no use or value. You can't look around you and find a replacement for the penny as a currency.
Very big change in cost, considering the actual price of the TSA app.
It was a fun experiment and felt very old school.