This is a really good question. You would want to ensure that the templating library cannot get access to the http request library unless the templating library is explicitly given a reference to it. So even though both libraries are imported, they can't access each other by default. Realms (the standards track proposal [1]) lets you do this, and Salesforce uses it right now as the security kernel that ensures that their third party apps can't view or mess with other apps [2].
The best way to enforce POLA, and especially this particular problem of not allowing libraries to have access to each other, is object capabilities (ocaps) [3]. An object capability combines designation with authority -- if you have access to a capability, you can use it. If you don't have access, you can't use it. You can think of this (very roughly) as a key to a car as opposed to your name being on a guest list for a party. I didn't really touch on ocaps in this piece, but it's a necessary component for being able to enforce POLA well.
Worth noting that the principle of "a package can only access the dependencies it declared" is already something that we (Yarn) are pushing through Plug'n'Play.
We're not focused on security (yet), but any help we can get to move the ecosystem towards a stricter model will help you in the long term (by ensuring that common tools will be compatible with the even stricter model you're advocating).
In general Django REST Framework is a better package. Hooking in your own customization is less ad-hoc with DRF than with Tastypie, I've found. The DRF documentation is also absolutely stellar and the wider ecosystem around it is really good.
edit: And to my sibling commenter's point, DRF has a funding model, so it's being actively worked on full time.
Having used both, DRF is a lot more similar to standard Django. The views are similar, and the serializers work very similarly to forms so it feels a lot more consistent to use. I seem to remember a post a could of years back where they said they weren't going to be doing more active development in Tastypie, or something to that effect.
Having years of experience with both, I could write an article on why to prefer DRF over Tastypie for general purposes - but one simple reason is that Tastypie is effectively on life-support (taking substantial time to even release versions compatible with new Django versions), while DRF has substantial and accelerating momentum in both its codebase and community around it.
Django Rest Framework is one of the reasons i use django so much. It is done in a really solid way, allowing great power and flexibility over how you want to abstract your rest API. I've used tastypie before, but got the feeling it wasn't as fleshed out as DRF. I remember coming across strange behaviour with complex nested data. Moving over to DRF empowered me.
It looks like the author prefers Django REST Framework (DRF) instead of Tastypie. I can't compare them on their technical merits as I've never used Tastypie, but I do know that DRF is actively developed and has some kind of backing. DRF is one of my "always on" Django packages.
Actually, I remember some years back that when I needed a REST API for a project I started with django-tastypie because back then (circa 2012) was more popular than DRF. Unfortunately, I did not have a good experience with it (too long to release a new version to support new django version) so I switched over to DRF and hasn't look back since.
I'm not really familiar with the status of django-tastypie right now but from what I see from the other comments it probably is better than tastypie.
Also please notice that I wanted to include one of each kind of package in the list since it's the actual list of packages I'm going to use when I need a feature - so there's no reason to include both DRF and tastypie (yes, django-simple-history and django-reversion were both included but as I explain in the article they have different usage models).
This is really interesting. I've lately become more curious about theories of transaction costs - how traditional firms might have an advantage because they don't have to bargain over every decision and have understood lines of decision-making. I'm wondering if decentralized organizations might have a transaction cost problem.
Your comment reminded me of this quotation (it's from Lord Bryce's "The American Commonwealth", describing urban political machines in the 19th century):
> An army led by a council seldom conquers: It must have a commander-in-chief, who settles disputes, decides in emergencies, inspires fear or attachment. The head of the Ring is such a commander. He dispenses places, rewards the loyal, punishes the mutinous, concocts schemes, negotiates treaties. He generally avoids publicity, preferring the substance to the pomp of power, and is all the more dangerous because he sits, like a spider, hidden in the midst of his web. He is a Boss.
You're probably right that voting on everything is not the best way to go, but this is the first Ethereum project that doesn't seem useless or some kind of money grab.
I can't quite tell from your comment whether you are familiar with this as an existing topic in economics - if you're not, you might find this an interesting intro to the area of study http://www.sjsu.edu/faculty/watkins/coase.htm
I wasn't until this week, so apparently I'm projecting just the right amount of knowledge :D Thanks for the link! I've been looking for opportunities to learn more.
See above ^ - I work for one so can say with some truth here.
Yes they do have this problem but it confers several advantages: people are more bought into the work they are doing, they are happier, they understand decisions made about them, they work with more passion. Not all communicational efficiency makes people happier or more productive. Though it does take discernment and judgement when to not bother have a meeting and make a decision about something. You want to try and lower the problem you identify.
Great question. This is the biggest opportunity for software, in my opinion. The boundaries between the firm and the market are, in part, governed by transaction costs. (There are more reasons. You mentioned you're interested in reading more, so I'd recommend this: https://www.amazon.com/Economic-Nature-Firm-Reader/dp/052114...)
Technology has the opportunity to decrease transaction costs amongst a group of participants. Consequently, this could then lead to lower trust amongst participants—one of blockchain's leading selling points.
It's all theory, so we'll see how this plays out, but it's the one thing I think is most exciting: can technology lower transaction costs and thus blur the lines between firm and market.
Is TLA+ pseudocode? It doesn't actually do anything, right? Your example with updating servers, it will never actually update the servers, right? After you try it out in TLA+, you still have to write the real code in some other language, like Bash.
If so, then isn't there still a risk of bugs in your Bash program, from typos, leaving out something from the TLA+ plan, or otherwise miscopying it?
If so, TLA+ does less than I thought. But I can see how it might be useful to work out a complex algorithm and scan it for holes.
Webpack was certainly invaluable when developing this! The ThreeJS framework was used for everything graphics and animation, however. I absolutely love working with it.
I've been experimenting with turning a work application into a PWA, but ran into a problem - all the stuff that would be great to cache was behind an authentication wall. None of the PWA examples covered this. Also, the service worker examples all had "Don't use this in production" warnings. :D
I work for a mill that cleans and sorts grains and beans (taking the rocks out, stems out, etc.), and it's fascinating to see the parallel invention of something really similar! We have a bunch of different steps:
1) Air is blown through the product and any dust is taken out.
2) The product is run through a bunch of screens that take out anything too big or too small.
3) The product is put through a gravity separator to separate based on mass.
4) Finally, the product is put through an optical sorter (https://www.youtube.com/watch?v=O0gWUeqzk_o) which uses blasts of air to push out unwanted materials from a stream of falling product.
I'm sure you could use the same process for Legos. Not sure about how to distinguish between branded and unbranded Legos though.
What is the %age by weight of 'trash' versus 'good stuff' for such a sorter?
I do use screens for various pre-sorting stages, not shown in the article. The sorter is only good for parts up to 40 mm and anything that isn't a wheel or round so it will roll away while being imaged.
That's by far the bulk though so for me if it does that part well it is already more than worth it.
Branded/unbranded: spectrum is different (far more different than you would say by looking at it with the naked eye), weight does not match for the part (though this can be very close with really good fakes), logo on the studs is different.
I've been thinking about doing that gravity thing, but a bit more fancy, rather than just a binary sort to shoot parts in several directions, an alternative is a spiral slide under a steep angle where parts are fed in at the top and ejected when they reach the right bin.
That's a lot more complicated to make than what I have right now mechanically and also the time available for a classification operation would be much shorter, but it would allow for a much larger number of output bins without taking up a whole lot of space. So maybe a next generation, if I still need it (this one is going through piles of lego now).
> How many bins are you organizing your Lego into?
Seven, so it takes multiple passes before it is done.
> Or was this more just a proof of concept thing?
Tough question :) No, it's for real it really has to sort through the 2000 kg, but if it needs to be beefed up or changed to get to the end then I'll do it. The next step 'up' would be a machine designed from scratch incorporating all the lessons learned with essentially unchanged software. There are still some limitations that could be addressed but then you'd lose the training set and you'd have to start all over from scratch. That might be worth it to get the last 1% error or so, so if this ever becomes 'real' then I'd have to do that. I highly doubt it will get to that though. time will tell.
> Plans to launch a Lego sorting service? ;-)
Not at present, though you're not the first person to think of that, parents with kids are suggesting I should make it mobile to visit people at their homes for $x / shot :) Still, that will only happen if I really have nothing better to do, which means likely never.
> Still, that will only happen if I really have nothing better to do, which means likely never.
Don't sell yourself short. You built the thing, after all. Could be some fun road trips with, I'm sure, gracious hosts to entertain you during Lego sort. That could be a whole retirement life right there ! ;-)
Problem with that is the "errors" in the real output bins will be encoded into the next generation of neural net and no progress will be made. On the other hand, the dataset could be used as a starting point that could be one-time filtered and improved by a human.
OP is familiar with the secondary marketplaces and knows if he could classify and sort well enough to make sets, then could potentially make money buying bulk and reselling sets on these marketplaces.
It could be a real business. He's already proven he has the chops to design it. If he doesn't, I don't doubt someone else will try.
Obviously Lego itself could do this but probably make more money from melting and recycling their own parts under their brand as new, like Apple does with its recyclers. Do we know if Lego is recyclable as new Lego by melting?
No, Lego does not recycle. But there is a very lively secondary market.
There was a short period that Lego allowed people to design their own sets and order them through Lego but it was so popular they had to shut it down.
People even buy new sets to sort them out just to get new bricks to combine into their own creations without having to buy them in bulk and not being able to use half of what they buy.
Well then, it sounds like Lego isn't interested in furthering either a custom or secondary market which could undercut their new sales. That is a business opportunity, no?
Could you make money just buying bulk, sorting out rare parts, and reselling those?
Lego definitely likes the secondary market, because the Lego market turns out to be pretty efficient.
The price of buying a new (or used) box vs. the price of "Bricklink"ing the parts is usually pretty much in favor of the former, which makes sense since the latter involves more S&H fees.
In additions, new moulds or new colors for existing moulds come up all the time (yet new moulds are all designed in the same system, so that they increase the versatility of Lego rather than Playmobil-izing them[0]). Therefore, advanced fans who design their own creations and buy bricks in bulk do get lots of new Lego boxes. For example the VW Beetle model[1], besides being really cool in itself, had a lot of azure bricks, including many shapes that had never been realised in that color. Likewise for some Architecture boxes.
[0] "New bricks are too specialized" is the Lego version of "HN is turning into Reddit"
Cool. I know some folks in Taiwan who would be very interested in this sort of thing. If you ever come through this way, I'm happy to show you around! Understood that your consulting work pays more and takes priority. Still crossing my fingers for part 2 tho :-D
> Lego isn't interested in furthering either a custom or secondary market
Once Lego's patent expired it tried a fairly shady legal theory that the interconnect shapes were trademarked/trademarkable. They pursued this all the way to the Canadian Supreme Court where they lost unanimously.
It seems like the wheel problem could be solved by a dowel rod that would keep things rolling along until they fell over? I suppose that unfortunately gives another way for the thing to get clogged up?
I'm surprised that this strategy isn't more quicksort-ish, I was expecting a first pass into warm or cool colors, then another pass into large or small lego, etc.
Everybody that hasn't sorted lego in bulk says the same thing :) The color sort would not help because in the end the idea is to get the same shaped parts in to a bin, not the same colored parts. Our brains are much better at picking a red part out of a background of similar shaped parts than they are at picking out a red part of a certain shape from a background of other red parts with different shapes.
As for the multiple passes, that's actually how it works, the first pass sorts into the 7 most common categories and then quickly works down from there. But the 'runoff' bin is by far the largest at the end of every run. After 3 passes the bulk has completely disappeared and most of the remains are sufficiently rare to be dumped into the right container individually. It goes pretty quickly: first pass: 7 bins, second pass: 7 bins again, but 49 if you put the first seven through again (but in larger volume accumulated from several runs on smaller lots). And so on. Since the bulk of the lego is in those first 49 and the value is in the remainder it doesn't take long to add value to a pile.
As for the mechanics, any obstruction, no matter how well intended will immediately become a point for a bridge to anchor to.
What is the back of the enveloper calculation of doing it by hand? Doesn't seem like it would take a few high school students that long to go through the 2000kg and come out with a very nicely sorted set of Lego bricks.
I work in a steel mill we use a similar setup with an optical camera to size streams of Ore and Coke particles. One thing you could look into is using a vibrating feeder (sometimes called a 'vibro') this is what we use to stop screens from 'pegging' - similar issue to the bridging problem mentioned in the article.
High-speed optical sorters are the sort of behind-the-scenes tech that make me feel like I'm living in the future. I have vivid memories as a child watching people winnow rice by hand using wide, flat bamboo baskets.
Had I seen something like the optical sorter back then, I would have thought it (Arthur C. Clarkeian) magic!
> it's fascinating to see the parallel invention of something really similar!
This isn't parallel invention - the principal of optical sorting and air ejection are well known and understood. (Which is not to lessen the achievement in building this, but building and inventing are not the same thing.)
Dunno who here is old enough to remember but back in the day every bag of chips used to contain a few burnt chips. Well, thanks to those computer vision air blasting sorting machines theres no more burnt ones in the bag! They all get air blasted out and now chips are uniform.
Sorting beans was the exact thing I was thinking of when watching this. I process a lot of chickpeas at home, and the quality of the dried chickpeas going in is quite mixed. There are some split ones (not good for sprouting), and some duds which won't soak or sprout even though they're whole.
I think that people might pay for the convenience of getting a bag full of proper chickpeas with no duds and no stones (I've heard of this, but never really seen it).
Maybe some day Suraj and NuPak will go a little further with their cleaning and get rid of damaged beans and not just stones.
Though, frankly I think they could do better than average with a specific gravity/densimetric sorter; it would probably require fewer passes through the optical sorter as well.
Sorting beans is a well-solved problem using a sort of waterfall (of beans) where computer vision selects the bad beans and air jets eject them.
The equipment costs money; and reduces the volume of "product" left for sale. Your problem is capitalism - the companies don't do that because it lowers their profit.
The study showed that having more books was correlated with children being more successful, but that doesn't mean that having more books on shelves is actually the cause. It's more likely that the kind of parents that have high quality books have qualities that would make their kids successful, regardless of the books on the shelves.
> The implications are clear: Owning books in the home is one of the best things you can do for your children academically. It helps, of course, if parents are reading to their children and reading themselves, not simply buying books by the yard as décor.
> “It is a big question of whether it’s the books themselves or the parental scholarly culture that matters — we’re guessing it’s somewhere in between,” said Mariah Evans, one of the study’s authors and an associate professor of sociology at the University of Nevada, Reno. “The books partly reflect intelligence.”
I think there is plenty else that is wrong. For example:
* Corporate influence via funding studies (and not publishing the failures), as well as hiring away top researchers (e.g. Hinton by Google)
* The tenure system is vanishing, with more and more staff turning into non-tenured "associates", and fewer and fewer young hopefuls finding a successful career in science.
* Promotions are based on dubious publication metrics.
@nikrdc, if this is you, why are you doing something so destructive and stupid?