This is what I don't get about Bing though. $10 billion dollars, 5 years of investment, and I don't know how many man hours.

At BEST it's a mediocre imitation, and at worst, a disaster. Search is definitely not a solved problem; I think that there's still a huge potential for disruption there, but throwing money at it won't work if Microsoft's attempt is any lesson.

Looking above (dllu's comment) a significant factor in success at these competitions is practice. There's a good chance a lot of these folks are just students trying this for kicks. Basically, its really unclear how much self selection goes on with these contestants. Genuinely "trying" here means genuinely practicing; its unlikely that you would fail the first round if you practiced

Here's the difference between urls:

Posted: http://online.wsj.com/news/articles/SB1000142405270230387360...

Google: http://online.wsj.com/article/BT-CO-20140411-711057.html

Why not post the google one and save us the collective time lost?

Curious how the author knew to seed the backdoor'ed Notepad++ before Bill clicked the link?

I suppose you could just serve up a fake backdoor program for every *.exe\msi download, and remove the honeypot on the second download? The first download would execute and maybe do nothing (or error) - prompting a second download which led to the real thing.

In the article, he mentions using Evilgrade to do the backdooring. If you click though the link, you can find the README, which lists a bunch of applications that Evilgrade supports seeding backdoored versions of http://www.infobyte.com.ar/down/isr-evilgrade-Readme.txt

He likely just enabled them all, or at least enabled several which are likely candidates for his target to download.

Notepad++ checks a known URL for updates. He'll have spoofed the URL to tell Notepad++ that there was an update, his.

It probably just backdoors any executable it sees on the fly.

Even in the AJAX timeframe, there was still a way to do async push style interaction from server to client. See Comet: http://en.wikipedia.org/wiki/Comet_%28programming%29

Gmail used this technique via a hidden iframe.

Yeah; I had done this sort of stuff in 1998 using a custom HTTP server I wrote in VBScript.

On IE they used ActiveXObject called "htmlfile"

Isn't this just a trailing GET? This technique has been around since the 90's and has been used in lots of applications.

The comparison to AJAX in 2005 is a little odd for me, as this is already a pretty mature technique. AJAX in 2005 was pretty novel because the prior (to Google, and others) use-case was for early Microsoft web apps tied heavily to IE.

If you remove the constraint "in a web browser" then there is nothing here at all to talk about. Making an acronym for stuff people have been doing routinely since the 1970s is kind of weird. This is the problem with web programmers.

I wonder if this will be the death of Hiku? Amazon's product is definitely going to be cheaper than $79 price for Hiku with (obvious) heavy ties into the Amazon ecosystem.

I suppose they could try to pivot and cater to a different ecosystem (Google shopping express, or the like), but seems like an uphill battle.

Maybe Hiku could offer their services to the rest of the world? From its homepage, I don't get it whether its business model requires tie-in with a retailer.

This is awesome. Intellisense support will certainly beat using vim for my node projects :-)

It also appears to work with the free version of VS (Visual Studio Express).

A significant subset of .NET had to exist anyway for Silverlight to run on the Mac.

I'm sure the codebase is factored internally to have some sort of platform abstraction.

If imgur approaches Youtube's scale won't the comments on imgur also become toxic?

This still appears to be an unsolved issue (although, one could argue whether it is really an "issue"). Google's G+ approach (barring anonymous comments, etc) does not appear to have addressed the core concern.