If this trend continues, with less office space used, while population numbers stay stable or increase, is there a possibility of commercial buildings like this being rezoned to residential?
There don’t seem to be any rules preventing residential construction in the existing C-3-O zone. In general SF permits residential construction anywhere, but the problems come from the fact that all development permits in that city are discretionary, so you never know what the real rules are until you get in front of a hearing.
If they can make that conversion this seems like it would be a steal. $225/sq ft versus over $1000/sq ft for residential in SF.
SF doesn't seem like somewhere that would vote against more housing being available, so if it doesn't even involve rezoning, I'm curious if that's a viable path for this and other office buildings.
> Tech has been bending over backwards for quite a while, but to no avail.
You're applying a false equivalence here. Some things are positive changes and make sense, and some are not. Grouping everything together isn't helpful.
I am male, and my first thought on reading the title was that it was juvenile to a point that I was surprised to see it as a title on HN. Hearing someone else echo that feedback is helpful and will hopefully help the author in their growth.
This is not a "bend over backwards" request, it's a dumb sexual joke on HN, and your response comes across as very condescending.
For what it's worth, I even partially agree with you.
I went back and noticed that the original comment is dead and flagged now. So I 'vouched' for it: I don't entirely agree with the contents, but I think it is part of a good debate.
It's been 12 days since they tested everyone. My understanding is that the results for serological tests are available right away, so I was expecting them to publish results within a few days. Any idea why they haven't yet?
Perhaps they can't get statistical significance. You'd ballpark a 0.5% infection rate in the Bay Area going by deaths and current best guesses for IFR. Your false positive rate might exceed that.
These tests are better done in highly infected areas like NYC.
We have randomized PCR studies and ships where everyone got tested. Yes, there is error there (false negatives), but there's an upper bound to how much there can be.
Probably ended up with the same specificity problem that ruined the German antibody test. It's incredibly hard to test for just a single form of Coronavirus.
It sound like they're using land that Google already owns for this: "First, over the next 10 years, we’ll repurpose at least $750 million of Google’s land, most of which is currently zoned for office or commercial space, as residential housing. This will enable us to support the development of at least 15,000 new homes at all income levels in the Bay Area, including housing options for middle and low-income families. (By way of comparison, 3,000 total homes were built in the South Bay in 2018)."
"The security lapse was first reported last month, but at the time, Facebook said it only happened to “tens of thousands of Instagram users,” whereas the number is now being revised up to “millions.” The issue also affected “hundreds of millions of Facebook Lite users” and “tens of millions of other Facebook users.”"
I wonder how much of this is the responsibility on how Instagram was built. Like Instagram may have been built so fast that those things never were accounted for.
Not that I'm giving Facebook excuses, but maybe something was overlooked before acquisition. Then again, Facebook is breaching security protocols left and right.
I assume someone at Facebook, hopefully the person that wrote this, or someone who has more influence over this issue, is reading.
I am an engineer. I understand technology better than most of the general population. When I sign in to my Facebook account to use Spotify, I am absolutely not expecting that Spotify will now have access to read every single one of my private messages. This is a gross violation of trust, and if this is what happened, then the fact that you not only made this mistake, but also then published this blog post defending it, marks a low point for Facebook. Perhaps irrecoverably so for me.
"After signing in to your Facebook account in Spotify’s desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person’s messages in order to power this type of feature."
This is a write permission. So you needed to give Spotify permission to create a message. It seems that your system combines the read and write permissions, since you just grouped them together by saying "access to the person's messages". It also seems from your defense that you see absolutely no issue with this. In order to share a song through Spotify, you are giving them access to every single private message the user has ever written.
I find it hard to believe that Facebook refuses to acknowledge any fault in this: The initial product decision, the upholding of this decision through previous privacy investigations, and this PR response. Am I misinterpreting the facts or scale of this?
> I find it hard to believe that Facebook refuses to acknowledge any fault in this.
I feel that the distance between their rhetoric and their technical machinations is their liability. And to those who say, "no big deal, everyone already knew this" - well, then why does Facebook's rhetoric not match their underlying technology?
If Facebook came out and said, "our business model is to sell ads, so we do everything legally in our power to give people the power to connect to each other, while supporting ourselves by selling ads," then I would have confidence in their statements. They instead obfuscate and disemble.
When they speak of "integration partners" and speak about using Facebook services on various devices, and not in terms of selling the data itself, opening up entire streams of data to read and write permissions, then their aims in this press release are different from the aims of their clients and shareholders. And the extent of that difference is a liability.
That they can't be honest in plain language about their technical systems means they don't yet have confidence that their technical systems would be culturally sustainable were they to be well understood. Incentives are not aligned here - and that is a very scary and generally untenable place to be.
Well if you want to receive a message that someone sends you then you'd also need to grant Spotify read permissions. In essence, you'd be using Spotify as a client app for fb messenger. How else could that work without Spotify getting read/write access to your messages?
The same way that Spotify doesn't just ham-fistedly show you all your Facebook messages... and other apps don't show you messages intended for Spotify.
Presumably messages are tagged in such a way that the source and/or destination are intended for Spotify. Using that same system, you should be able to specify "Spotify can only read & write Spotify messages."
I assume the point here to send someone a message on FB with a Spotify link, so they click on it in their messages and it opens up the Spotify app. If you just want to send a message from one Spotify user directly to another in Spotify, you don't need FB messages at all, right? Spotify has a list of all your FB friend IDs already and knows which Spotify accounts each is connected to
I think the use case is closer to Spotify acting as an alternative client to the messenger backend, much like Adium is an alternative client for Google Chat. Which in this case you have to trust the client. It feels grosser because Spotify isn’t just a desktop application, they could in theory have stored and mined your chats.
There are a number of different authentication schemas with varying levels of privilege. The best practice is always to give the smallest subset of privilege necessary to accomplish whatever task is needed. But it looks like Facebook basically gave On Behalf of User privilege -- the highest level -- to basically everyone who needed any sort of API access from Facebook.
I assume they could have done some kind of "firewalled plugin" architecture? Where there's Facebook code running alongside Spotify code but where the latter has no access to what the former is doing?
Edit: But more generally, this seems like a hard thing to get right, and I just don't see the mind-blowing value-add of being able to FB-message within Spotify!!omg that would justify it.
Not by itself it doesn’t answer that. Why 3 years ago rather than 1 year or “this is stupid, why give Spotify access to all PMs on our system just so a user can send and view PMs within the third party app?
This incident is the first one I've felt this strongly about. There have been many others, but even Cambridge Analytica, to use that example, was just taking information that was semi-public (your likes and interests that all your friends could see), and abusing that information. But that was information that I never mentally compartmentalized as private. Sure the scale and method of abuse was unprecedented, but I also don't blame facebook as much as many people did for not really knowing the extent of how that data could be abused. I also believe that fake news spreading on facebook was a novel-at-the-time phenomenon who's impact was hard to detect until after the damage was done.
My private messages are a whole different category of private. Facebook had a phenomenal engineering team and I put the same trust in them that I put in google for my email. A hack is still possible, but it's the highest level of trust that I can have in a service that I can't control (sure things like Signal exist, but 99% of my friends don't use it, so there's a tradeoff). So this particular incident, and the dismissiveness of the response, is my dealbreaker
Me too. And since most of my social circle have moved from Facebook to WhatsApp for messaging, I am now seriously concerned that WhatsApp is no longer secure... or wont be in the future under Facebook's ownership.
Sure, but there's a big difference between a college kid at 20 and a man at 35. I don't know where you draw the line on things you can assume someone has outgrown, or how they've changed, but I draw it at some point where what he said at 20 when facebook was still a Harvard project doesn't affect how I think of him or the company today
But it’s the same product. Run by the same person.
It’s not like Zuck moved on to a different product besides trading trust for cash. How has he changed? If you’re an engineer and don’t get it then 20 year old Zuck is actually right about you.
"After signing in to your Facebook account in Spotify’s desktop app, you could then send and receive messages without ever leaving the app. Our API provided partners with access to the person’s messages in order to power this type of feature."
> This is a write permission. So you needed to give Spotify permission to create a message. It seems that your system combines the read and write permissions, since you just grouped them together by saying "access to the person's messages".
How is it a write permission when the thing you quoted says "send and receive messages"? That's an inbox. An inbox reads messages.
I don't know what I'm voting on this yet, but it's certainly not a simple matter, and there are many smart and compassionate people who don't support the measure. Here are the mayor's thoughts on homelessness (https://medium.com/@LondonBreed/a-bold-approach-to-homelessn...) and why they oppose the measure (https://medium.com/@LondonBreed/statement-from-mayor-london-...)
As I mentioned I don't know which side I'm on yet, but to just lash out at someone who opposes the measure as "disgraceful" means you're either uninformed or unwilling to consider other reasonable perspectives as legitimate. Either way, you can do better
Airbnb switched to a "double blind" review system several years go, so you only see the other person's review after you've written your own. If you don't leave a review within two weeks, the other review becomes public and you no longer have the option to leave a review. I did a search to see if there was any press about this, couldn't find much but there's a bit about it here: https://medium.com/airbnb-engineering/building-for-trust-503... "The result was a 7% increase in review rates and a 2% increase in negative reviews."
My reason for not writing a negative review is because before staying at their place we exchanged phone numbers and other things, and now I don't feel comfortable writing a negative review and possibly having a confrontation. YMMV but I avoid writing negative reviews despite the 'double blind' review system.
Always contact them through AirBnB. You should be treating it just like contacting random strangers for sex on Craigslist, potentially dangerous. There's no reason to give a random stranger your personal contact details.
We'd love to do this. As you can imagine, however, it's a very time consuming task, and there are a lot of competing priorities (including other projects we've open sourced) and we therefore can't make any guarantees about if/when we'll be able to do it.
