119 comments

[ 3.0 ms ] story [ 169 ms ] thread
I actually followed the link and was entertained. +1 would read again.
I remember a 404 page that was a Brickles game you could play. It was in flash, so if it is still around somewhere, and was never ported to Javascript, it's not easily viewable.
(comment deleted)
This got me thinking. Instead of a fixed 404 page, using something like what the Post-modernism Generator[1] uses[2] to generate a web-page, kinda best-effort style.

Could be fun :)

[1]: http://www.elsewhere.org/journal/pomo/

[2]: http://dev.null.org/dadaengine/

Post modernism generator reminds me of a 9 year old trying to impress me with big words but all in all clever but schizo jumping from topic to topic.

Postmodern philosophy should explain simply and most of them do: https://m.youtube.com/channel/UCSkzHxIcfoEr69MWBdo0ppg

> Postmodern philosophy should explain simply

It's not always possible when precisely what is being attempted is to sketch ideas inexpressible with simple denotational language and concepts. What late Heidegger & much of Derrida write is outside the limits of 'commonsense'.

Of course one can contest whether the whole enterprise is meaningful at all, or whether their specific attempts succeed, but 'explaining simply' just isn't relevant to what they are trying to do. It's like claiming you're asking a poet to be more prosaic, which amounts to asking them not to write poetry at all.

That’s brilliant - Funny without being unusable. But I wouldn’t want to be the person monitoring their 404 errors right now.
Hopefully they're m monitoring system knows the difference between direct 404 access and legitimately not found pages.
The URL provided is just a page UUID with some parts deleted, not "404.html" or whatever. So it really is a "legitimately not found page", but would be hopefully be flagged as "spike in 404 errors due to dead link [...] on news.ycombinator.com" by a reasonable CMS.
On the early web, mit.edu had this:

    I ate your web page.
    Forgive me, it was juicy
    and tart on my tongue.
This reminds me of the web browser that shipped with BeOS (1995-2001), NetPositive. It would replace 404-status responses and network errors with haikus.

There's an archive of those haikus at https://8325.org/haiku/!

    Yesterday it worked
    Today it is not working
    The web is like that.
The Liberal Democrats (Britain’s centrist, pro-European party) have a nice line in 404s: https://www.libdems.org.uk/aaaa

I recycled an ancient found image for my own site (OpenStreetMap-powered bike directions on quiet roads/trails): https://cycle.travel/aaaa

For those not in the UK, the older man on the LibDem site is Jeremy Corbyn, leader of Labour, the official opposition party. The breast slapping was an awkward missed high five during the last general election where Labour unexpectedly won far more seats than predicted. He is not seen as a "handsy" politician - this incident is far more "awks" than "yuks"

The 404 joke is that Labour has for several years being trying to avoid having a clear official policy opposing or supporting Brexit

The even bigger joke is that when asked, Labour always say "look, we've been very clear on Brexit"
What are you talking about? All the parties have been crystal clear on Brexit. "Brexit means Brexit", what's unclear about that?
We've been clear as clarity itself, that Brexit means Brexit, and that's okay because it is acceptable.

Understand? Good.

If it's so crystal clear to everyone, why hasn't it happened yet?
because brexit means brexit, ofcourse...
It sounds like Jon Snow needs to take them to task à la Tony Blair.
That's a good line, but I think Labour did it first and the Lib Dems are parodying the high-five https://labour.org.uk/aaaa
I'm fairly sure the Lib Dems were doing the 'funny' 404s first. I'm not sure if archive.org keeps 404 pages though.
I really like your missing cycle poster. Too relatable (lost 2 bikes in Amsterdam).
Citing from an early-web travelogue:

> On average, three bikes are stolen from a Norwegian in their life. Question: how many bikes, on average, does a Norwegian steal in their life?

I had to open a second browser to see what was so funny — in Brave, it just gives a normal-looking 404 error.
You have the option to intercept web page errors on (perhaps by default). Microsoft was famous for doing that in IE.
Did HN just hug a 404 page to death? That is pretty surreal!
Doesnt surprise me to be honest.

I've seen this in the past where a backend google search appliance search was triggered for 404 with the query being parts of the 404 url.

That overwhelmed the search appliance and led to thread exhaustion on the component in front (ridiculous search timeout)... in the end the whole site went down.

I've read the second sentence 5 times, but I can't understand it. Could you rephrase it please?
Front end hit to /article/page-not-here triggers a search in the back end, /search?q=page+not+here.
Sorry for that.

That was a classic tomcat + reverse proxy setup with a fixed number of tc threads. All were being starved by waiting for the search appliance backend calls to return (60s timeout).

Go to ft.com, accept the declaration of cookies, try again.
Even more so, the page offers a theory to explain that:

> Speculative bubble

> The page never actually existed and was fundamentally impossible, but everyone bought into it in a frenzy and it's all now ending in tears.

This one fits even better:

>Tragedy of the Commons

>Everyone wanted to view this page, but no-one was willing to maintain it.

Trumponomics:

--

We will make this page

Great again with excellent

Negotiations

Woe to emperors

Who are parading smartly

And have their buff called

Amusing it is

To see comments carpet bombed

Or applauded. Why?

Sometimes governments have a sense of humour: https://www.govt.nz/404
lol, New Zealand is missing from the map.
The page was revised in April, so it may be a reference to Ikea leaving the country off of a map: https://www.cnbc.com/2019/02/11/ikea-reportedly-apologizes-f...
IKEA is a special case for New Zealand, the story goes that NZ slighted IKEA in some way a long time ago, something like being unwilling to provide favorable zoning for a flagship store, and this resulted in IKEA leadership blacklisting NZ. This is often given as the reason that no store exists even today.

Quite possibly not true, more likely is that the small population and logistics complexity makes it uneconomical to service, especially for a brand that depends on scale.

Apparently they're launching a store soon anyway.

IKEA-type shops were literally illegal in Ireland until recently (the law was changed in 2005 to allow limited types of shops, including IKEA, to have more than 6k sqm) and I don’t think they ever left us off their maps.
Are you sure it’s meant to be funny? The entire features some strange errors, like Sweden/Finnland being glued to mainland Europe?
Europe got a really bad wrap in this picture. My guess is that it's the result of a bad automatic vectorization of a raster picture.

But I think that a missing NZ would stick out like a sore thumb to New Zealanders. Just like the Fennoscandian errors you mentioned sticks out to a Fennoscandian like me. It's intentional; no doubt.

Quite amazingly neither of these pages work without JS.

How difficult is it to make a page saying 'not found' using static HTML, perhaps with a GIF if you want minor animation.

I mean, how difficult is it to not use tech that you don't need?

Edit: loved the FT 404 though

You need JavaScript to use the web in 2019. It has nothing to do with difficulty. You also need an ID to get into the boarding area of an airport and you can't smoke in restaurants. It's never going to be 1995 again. It's time to stop complaining about this.
Those are not remotely the same. A web page can function without JS. It's not something you need to display some text and some images. And it's not harmful to others. Smoking in a closed space is.

Also, I can't believe every time this refrain pops up we need to be reminded that js not loading is not only a problem for those deactivating it explicitly but also in those cases when it didn't load for any number of reasons (like a bad connection). You're doing your visitors a disservice if you need js to load static text and pictures.

A web page can function without JS, but a lot of things seriously aren't doable with just HTML5, no matter how hard you try.
It depends on where you draw the line between what you call a webpage vs a webapp. If a webpage is something with just text, images, and non-interactive forms (and audio and video to a lesser extent), then it's perfectly possible.
(comment deleted)
Nobody complains that Google Maps are using JS. People are complaining that developers abusing JS just to show simple page or video which is perfectly doable with HTML 5.
Showing a simple video isn't simple without JS, it's just clunky in all aspects.
I think you're mistaking simple for something else. Simple can easily be clunky. I would even say simple is often clunky.

Making something elegant, and full of features, and pretty is often complex.

It's not simple even for the developer to use the video tag if you want a thing that works.
It's very simple: just use <video> tag.
>You need JavaScript to use the web in 2019

No you don't. Nor should you ever if the page doesn't need it.

Having your code running on my machine always was and always will be a security risk. If you don't understand that you shouldn't be in that job.

> You also need an ID to get into the boarding area of an airport and you can't smoke in restaurants

Respectively, that's because a boarding area is not a public area, and relevance of smoking to this?

> It's time to stop complaining about this

No, it's time web devs understood the implications of their job, and the risk they put their users at if done improperly.

An axiom of technology design: Simplicity. If you don't need X, don't use it.

Edit: so you're the "Founder of Improvely: https://www.improvely.com" which "Track, Test and Optimize Your Online Marketing". That explains something. No, no, no, you're not going to track me. I am not your data point.

It's your right to choose to browse the internet without JavaScript enabled.

If a website doesn't run then it's upto you to either accept that you won't see their content or enable JS.

People who complain about sites not working without JS in comment sections are silly. Nobody is going to be convinced to change.

You're correct (upvoted for that), it's my right and I decided long ago. I'm ok paying the price, also reaping the rewards of very fast page loading, zero tracking, and shutting off a huge vector for malware.

But others with less tech knowledge (which is 97% of the population I guess) are not in a position to make the choice and have to trust. Some people abuse that trust for profit. Other web devs are well-intentioned but clueless about the risks they put on the users.

Also I disable JS long ago because I knew that there would be unknown unknows, and bingo: (https://react-etc.net/entry/exploiting-speculative-execution...) "Exploiting Speculative Execution (Meltdown/Spectre) via JavaScript"

It's a matter of trust; trust is earned; the industry as a whole hasn't earned it.

Further reading:

Remember that there is no code faster than no code. -- Taligent's Guide to Designing Programs

Simple things should be simple and complex things should be possible. -- Alan Kay

Perfection (in design) is achieved not when there is nothing more to add, but rather when there is nothing more to take away. -- Antoine de Saint-Exupéry

[...]But there is one quality that cannot be purchased in this way---and that is reliability. The price of reliability is the pursuit of the utmost simplicity. It is a price which the very rich find most hard to pay. -- C.A.R. Hoare, "The Emperor's Old Clothes", Turing Award Lecture (1980)

Increasingly, people seem to misinterpret complexity as sophistication, which is baffling --- the incomprehensible should cause suspicion rather than admiration. Possibly this trend results from a mistaken belief that using a somewhat mysterious device confers an aura of power on the user. -- Niklaus Wirth

The difference between a good and a poor architect is that the poor architect succumbs to every temptation and the good one resists it. -- Ludwig Wittgenstein

Beauty is more important in computing than anywhere else in technology because software is so complicated. Beauty is the ultimate defense against complexity. -- David Gelernter, "Machine Beauty", Basic Books (1998)

Fools ignore complexity; pragmatists suffer it; experts avoid it; geniuses remove it. -- Alan Perlis

The cheapest, fastest, and most reliable components of a computer system are those that aren't there. -- Graham Bell

[...]Simplicity and elegance are unpopular because they require hard work and discipline to achieve and education to be appreciated. -- Edsger W. Dijkstra

Controlling complexity is the essence of computer programming. -- Brian Kernighan

Complexity is a sign of technical immaturity. Simplicity of use is the real sign of a well design product whether it is an ATM or a Patriot missile. -- Daniel T. Ling

There's an old story about the person who wished his computer were as easy to use as his telephone. That wish has come true, since I no longer know how to use my telephone. -- Bjarne Stroustrup

The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We cause accidents. -- Nathaniel S. Borenstein

While I don't particularly agree that it's totally acceptable for a static 404 to need JS, I also don't really follow your concern for security. I've been browsing the web since 1998 and not once has my machine been compromised by malware due to normal JS on a normal website - so not sure what the "huge vector" impact is...Concern over Meltdown exploit through JS? Again, when just browsing the "normal" web? Maybe you're working on top national security secrets from your home while opening a LibDem site?
Let's start with the answer in a nutshell: a personal approach to safety, and a systemic approach to safety.

> Concern over Meltdown exploit through JS? Again, when just browsing the "normal" web?

I am not an expert in these things but what I do know, and it is backed up by the quotes from various well-known engineers (in the looser sense, encompassing programmers) I gave, is that complexity costs. Security is one such.

From https://coar.risc.anl.gov/meltdown-spectre-and-speculative-e... "Using these instructions, a malicious program can be created that leveraged speculative execution to read and send every address in memory to the attackers [...] Additionally, the authors crafted a JavaScript program that leverages the browser process that houses it to access additional memory locations. Both of these proof-of-concept attacks violate memory isolation boundaries that have delineated program execution spaces"

There were some quick patching and releasing done to browsers for this (coarsening the granularity of the timer IIRC) so I guess they must have cared.

If you can read outside process boundaries then theoretically... well, do you bank online? Do you ever put your credit card number into a website? If you don't do you think other people do?

I don't know if these cpu flaws can be realistically used, and the data exfiltrated from your machine, but I know with certainty that no JS = no exploitation will ever be possible with JS.

Example: this happened in about 2012 with a company I was working for. I'll necessarily be vague, sorry. We were phished with a precision that was shocking and had nearly £20,000 taken from the company account. The malware came with browser-embedded java (not javascript!). Our off-site support guy, R, came in after and me and him uninstalled java from all the machines (~20, small business). Without the java the attack could not have taken place (the attack was 2-pronged and needed more than the java, but it was a necessary).

The broader lesson is, if there's a hole it can be exploited, but if no hole then no exploit is possible there. This should be self-evident.

OK, my GP has desktops in their office which are connected to the web, and allow JS to run. Are my medical records safe? Are yours?

A company I worked for a year ago (turnover several million) had the browser screen hijacked with a warning I had malware and to call this number. I had to call support to verify it was a scam - remember I don't see these at home so I literally never saw this before and had to check. If I'd been a naive user at home I'd have been on the phone to wherever so the nice man could help me.

The machines in that office would crawl for an hour once a week when a malware scan was being run (run late, but staff often worked late so it bothered them occasionally). Malware checker and human time interfered with - another cost.

What about the cost of your browsing time of slow page loads and annoying audio/video? The cost of being tracked? Is this acceptable to you? Not for me it isn't. We may differ in what we're prepared to tolerate though.

If more sites are allowe to abuse js because people won't push back then that js-disease will spread and sites will choose to use it. If there's pushback then it will be reduced and we start to gain a kind of herd immunity.

You asked about malware, does this help?https://www.trendmicro.com/vinfo/us/security/news/cybercrime...

Just google "javascript malware". You won't run out of hits. Stupid net security holes and we are talking about cyber warfare - closin...

Lots of ad and script blockers block JS nowadays, you can definitely go without it. For my browsing habits at least, I find I can disable JS globally and selectively unblock it when I come across a site that does require JS. It's doable, and a tad bit safer too.
I'm surprised by the downvotes for this. There are downsides to using Javascript for everything, so it isn't a free lunch.

Move fast and break things is increasingly less defensible for what is a mature technology that the world relies on. And Moores Law is a thing of the past, it isn't really tenable to just take the view that hardware will 'fix' your performance problems. Then there are the security and accessibility considerations.

I suppose Javascript is the single use plastic of the digital world. In its place there aren't really any good alternatives, that doesn't mean you should use it everywhere.

It’s being downvoted because it’s a boring tired comment that adds nothing new. These discussions are had in nearly every thread.
I wouldn't say every thread at all, but maybe we read different kinds of submissions.

Plus many things are repeated ad infinituum. I can guarantee any discussion on wind power will have someone saying we should be going nuclear. Every discussion on electric cars will devolve to a discussion on Elon Musks personality, every discussion on facebook will lead to a mention on privacy. People have opinions, they've come here to express them, most of it will retread old ground, if there was nothing new to add, 90% of submissions could just be linked to the original discussion, that isnt what happens, (although old threads are generally linked to) so it seems reasonable if we're going to re-have all the other discussions, to re-have this discussion.

And finally, it seems to be the rule that to be downvoted, an opinion has to be wrong and/or offensive. So if there is a downvoted comment that seems to be neither I'll then take the time to find out if I was wrong, so for me, downvoting comments that you just don't want to read, just adds noise. I'll admit that that's personal to me, and its entirely likely that others see downvotes differently, that is an annoying consequence of votes being such blunt instruments.

This sidesteps the truth of my point. Rebut me with arguments, not petulant downvotes. If you have no arguments, maybe, just maybe, you're wrong.
Sometimes you're right but also irrelevant. For instance, if I started posting "2+2=4 and 1+1=2 and addition is associative so 1+1+1+1=4" then I'm right but also useless. So the correctness is irrelevant to the discussion.

We don't live long enough to examine every true argument. It is important to us to filter to useful ones. In that respect, starting the JS debate is the equivalent of starting a neovim vs xemacs debate, both of which are like chewing gum that's got all the flavour gone in the first hour.

Your maths example is incontestably true so no-one would waste time debating it.

Claiming js is essential to all modern browsing is not true and I am contesting it because in practice its use opens up bloody great security holes.

And you are still not addressing my obvious and relevant point, that not using js closes those holes. Stop downvoting and explain why you think compromising browsing safety is your right.

We detached this subthread from https://news.ycombinator.com/item?id=20490102.
Forgive me, I don't recall reading about this act in your guidelines - what does detaching it mean? I can still see it in the original thread even when not logged in.

Also, for my own record, do you consider this discussion inappropriate to the subject of natty 404 pages? Asking as I kicked it off.

Detaching just means it becomes a top level comment instead of a reply to its original parent. The main reason we do that is when a subthread is off topic. Especially if it's a generic tangent like JS vs. no-JS, which gets repeated often.
This is a blank page with uBlock/uMatrix. Fitting. And also the reason I haven't read a single FT page in over a year.
One thing that annoys me about funny 404 pages is that they tend to assume that either a) the content referenced by the URL was deleted intentionally, or b) the user mistyped the URL. While in practise, the majority of the time I hit a 404 page, it is due to malpractise by the webmaster. A 404 page has to be very funny to offset the fact that it often is very unhelpful and blames the user for the webmaster's faults. (Fortunately, I found the FT Page submitted that funny, unlike many of the others in the comments.)

In that light, I find 404 pages like these refreshing for recognising the situation for what it is: https://two-wrongs.com/404

Based on your username and https://xkqr.org/, it appears that you wrote that 404 page. You might want to state that clearly when you present it as an example to follow.
Oh, crap. I skipped proof-reading this one comment, thinking "what's the worst that can happen?" Apparently I can forget to mention that I'm linking to my own page!

I'm very glad you puzzled together the domain name and my username, to make this more transparent. I'm also terribly sorry you had to do what was my job in the first place. Thank you.

It's still pretty lame that you're asking for coffee on that page.
To be fair, that looks like their site's footer (see blog), but agree it would make sense to remove it on that page, to not contradict the message :)
At least the FT 404 page has the virtue of not being self-serving.
Personally these special 404 just waste time and create confusion. Just a blank page with 404 and standard "Page Not Found" would be much better.
Yeah, I'd say it looks too much like a content page.
I wonder if this thread will cause an alarm on one the linked pages due to too high number of bad requests (and will make some poor employee investigate it on Sunday).
"Mercantilism The page is hosted by a foreign web server and is therefore banned to ensure the supremacy of our own software."

Isnt that protectionism?

Wouldn't mercantilism suggest the article was better being supplied from a different website.

It seems to be becoming more of a problem on stackoverflow.

Organizations change their documentation site and then everything that links to the old one is irrelevant.