It's not impervious to bad weather, but pretty resilient. I'd say in the 2 years we've had ours the system has shut off maybe 3-4 times due to one of: a) very low and direct sun angle, b) very heavy rain, c) dense fog. Which, to be fair, are all difficult conditions for a human to drive in as well.
But I agree with the parent, the suite of driver assistance features is very good, but a long way from "self driving".
Do you know if there a legal/tax impediment to getting the pass-through classified as a not-for-profit? Or did you just mean it makes it harder to implement as a traditional startup?
The pass-through would have to set up as a foundation that then issues grants to other non-profits. That isn't an easy process. I won't donate anything unless there's a tax advantage. The reason is that non-profits that are registered 501 3(c)'s have certain reporting requirements. If they aren't registered, there's little accountability.
We’re a nonprofit too!
Dollar a Day makes no money, in any way, from donations on this site. Dollar a Day was built by a team of (almost entirely) volunteers.
I'm curious as to what your turnaround time from order to delivery is?
We actually tried something pretty similar last year here in Portland (the site is still alive at www.localplate.com although we have ceased operations), we found it pretty challenging just to get people to plan ahead far enough for our offering to be viable. (We came across some consumer research that something like 70% of households don't have a plan for dinner until sometime the same day.)
We eventually tried distribution through existing retail channels which definitely helped with the traction side but made the economics pretty challenging. :)
Best of luck though, it's an interesting space with a lot of people attacking it from different directions right now.
(E-mail is in my profile if you want to know any more about our experience.)
I've gone twice and it is really fascinating. You get to stand about twenty feet from the face of the reactor core, walk around the control room, etc. I have some pictures and video I can share if anyone is interested, although I'm sure some Googling can turn up lots of them as well.
One of my favorite anecdotes is that the valve covers for all the cooling pipes are open and have to remain that way so that the Russian inspectors can verify each year that there is no evidence that the reactor has been in operation. (Not sure if these inspections are actually still happening.)
Also for arms control purposes, there is an open pit elsewhere on the site where decommissioned US Navy reactors are stored. (Russia can monitor the number and position of them via satellite.)
I would be interseted to hear which US/Russian treaty involved verification of plutonium production reactors or naval reactors. I'm not aware of any such.
(There are plans for a Fissile Material Cutoff Treaty, but discussion has on that has been indefinitely stalled in the Conference on Disarmament by Pakistan).
That's great to read, thanks! I imagine the experience earned on verifying the PPRA will be valuable when a verification mechanism for the FMCT is designed.
I just tried this on one of my side project sites and it's reporting it as being vulnerable. However I upgraded the site to Rails 3.2.1 last week (and just confirmed that's the version in the bundle). Is there something that would cause a false positive or is my app really still vulnerable?
There is the potential for false positives, but I'd be happy to chat about it - feel free to get in touch either via email at support@tinfoilsecurity.com or in our support chat: http://www.tinfoilsecurity.com/chat
ITYM 3.2.11? 3.2.1 is definitely vulnerable... We had a typo in ours that said 3.2.1 was safe - so sorry about that! Fixing that now. You should upgrade to 3.2.11.
We also are seeing a small group of apps with vulnerable applications even after upgrading to Rails 3.2.11, possibly due to a rogue middleware or other library. Disabling XML parsing entirely is one approach (see http://news.ycombinator.com/item?id=5035389) but we'd love to track it down further for everyone's good. Feel free to join us at https://www.tinfoilsecurity.com/chat if you'd like.
Aha, well apparently I never merged that commit into my deploy branch, so it was still actually on 3.2.1. That combined with the fact that your page had said 3.2.1 was safe caused my brain to short circuit and not realize that 3.2.11 is what it needed to be on. :) I'll redeploy and check it again, thanks guys!
'bensedat seems to be hellbanned for some reason (Can a mod unhellban? He's definitely not a troll.) Anyway, echoing his comment:
We also are seeing a small group of apps with vulnerable applications even after upgrading to Rails 3.2.11, possibly due to a rogue middleware or other library. Disabling XML parsing entirely is one approach (see http://news.ycombinator.com/item?id=5035389) but we'd love to track it down further for everyone's good. Feel free to join us at https://www.tinfoilsecurity.com/chat if you'd like.
Steve, could you maybe expand a little bit on your reasons for not wanting to have the gems cached in your repo? Have you run into practical issues (deployment speed, etc.) or is it more of a philosophical thing?
Philosophical, mostly. Any non-philosophical justification I could give you would really be me just porting over my philosophical justification and pretending it's objective.
Example: "I don't want to wait forever while I transfer the extra 38mb over the network." (That's the size of a vendor/bundle for a new Rails app.) I have never actually compared transfer speed in each instance, so that'd just be a backport. ;)
That said, as far as philosophical objections go:
1. Checking in generated files is not best-practice. This feels the same to me.
2. I do a lot of development:
$ ls src | wc -l
107
Not all of those are Ruby projects, mind you, but I'm a member of 25 GitHub organizations and have ~100 repos on my personal account. That's a LOT of duplicate gem data.
3. Updating gem files in the repo obscures diffs. If I'm working on a feature branch, and I have 3 commits, and one of them is updating 3 gems, I have a few dozen or hundred files changed. I just want to see my changes, dammit! I guess this one can be construed as practical.
The reason I went with "vendor everything" several years ago was that I had to make some changes to a legacy codebase and discovered that one of the gems it depended on was no longer available. It wasn't the end of the world to refactor around it, but it motivated me to find a way to ensure I would always have a local copy of all the dependencies for each app.
Someone in the comments of the rubygems.org story yesterday mentioned using a submodule for vendor/cache which seems like an interesting idea to me. That could at least partially address #3.
Not that this line of discussion is particularly constructive, but I agree. I'm not sure why someone would think a giant head staring at the reader is a good idea, but it's not.
On a 27" monitor, it's almost like a child sized head right up in your face. I can only imagine it being even worse on bigger screens.
Even though the 4S is supposedly a GSM/CDMA combined phone, its still locked to individual carriers, unless you happened to buy the unlocked version at nearly $800 USD.
I would say your customers can sue you regardless of what you say in an email or blog post. Using lawyers to hide from your customers seems less than optimal.
But I agree with the parent, the suite of driver assistance features is very good, but a long way from "self driving".