Next: 23:40 Req#168029 HN Q Help Generated 12 Mon 23:28 Size: 238K Articles: 429 Next
If you want to see or try CRiSP, visit http://www.crispeditor.co.uk and try one of the longest established and functional editors on the web! Or subscribe to http://crtags.blogspot.com for a blog on technical articles and joy of computing (sometimes!).
14:13 In praise of grobi for auto-configuring X11 monitors
Comments
14:13 Fixrleak: Fixing Java Resource Leaks with GenAI
Comments
14:13 The Dave and Busters Anomaly
Comments
14:13 QueryLeaf: SQL for Mongo
Comments
14:13 Intel: Winning and Losing
Comments
14:13 Spanish Shipwreck Reveals Evidence of Earliest Known Pet Cats to Arrive in US
Comments
14:13 The Deathbed Fallacy
Comments
14:13 Loss of dance and infant-directed song among the Northern ACHĂ©
Comments
14:13 Embracer Games Archive is preserving 75000 video games and needs contributions
Comments
14:13 Industry groups are not happy about the imminent demise of Energy Star
Comments
14:13 Radxa Orion O6 brings Arm to the midrange PC (with caveats)
Comments
14:13 React Three Ecosystem
Comments
13:50 As an aside, I think QUIC is not a great protocol
The problem is that the protocol designers first and foremost wanted to be independent of any operating system due to the time it takes to deploy their updates. Having the whole network stack in the browser allowed them to perform extremely fast iterations. Even BBR benefited from QUIC's fast turn-around and improved fast thanks to this ease of deployment. My understanding is that as soon as QUIC gets even basic support in a kernel or in a NIC, it will be considered as ossified and will be obsoleted and replaced by something purposely incompatible.
But I agree that the costs are huge. Ideally such protocols should be designed jointly with kernel network developers so as to figure what building blocks are necessary to offload their processing. It could be the ability to receive and send multiple messages from different sources / to different targets, etc. With that said, we already have UDP GSO now, but it doesn't to everything of course. I think for example that an efficient API would permit to pass multiple packets in a single large buffer so that the kernel performs the address validation only once. That's just an example of course, much more is needed.
13:50 As an aside, I think QUIC is not a great protocol
Yeah this is among the areas where kernel support could improve via a better API, because basically you have to arbiter between GSO and pacing. I think that having the ability to work with a ring shared with the kernel, in which packets are laid out with their expected date of output and a pointer to a 5-tuple to use with them could be an alternative that would allow the kernel to do GSO when multiple packets are for the same 5-tuple, which would also depend on timings etc. This would be cheaper than sendmmsg(), and simplify the operations all along the chain, and possibly not depend on codel being enabled.
13:50 QUIC network debugging
It could still be dropped. That's why TCP/IP is a fossil - the *protocol* is designed to be extensible. The hardware (routers) have turned the environment to ice (aka any attempt to modernise TCP/IP is detected by hardware you don't control, which treats evolution as damage, and gets rid of it).
That's why the Internet was complete rubbish a few years back, as router manufacturers proudly sold kit with "we never drop packets", while the internet protocols relied on dropping packets to detect congestion. The result being the entire internet behaved like spaghetti junction in a bad rush hour. Which is why we're paying for an entirely unnecessary superfast backbone we don't need ... I know spam is a problem, but most of the internet capacity is probably there not for spam, but to make sure that slowdowns (that the protocols were *designed* to detect and deal with) don't happen.
The Internet as a whole is actively hostile to any attempts to improve it, and seeing as that hostility is hard-baked into hardware with maybe a ten-year (or more) life span, that's presumably why (in part at least) QUIC is designed to make sure that hardware has no idea what's passing through it.
That's why pretty much the entire internet now runs on port 80 (and a few others :-) - the mechanism that was designed to enable new protocols doesn't work because the wider world of hardware says "I don't recognise it, I'm going to drop it".
Cheers,
Wol
13:50 A path towards removing the concept of "essential"
Then packages could either depend on base-essential or to explicitly depend on individual packages.
That would make answering the question "what breaks if we remove foo from the essential packages?" question simpler - you'd only need to audit those packages which declared an explicit dependency or which depended on the metapackage.
Also I guess you'd only need the metapackage to be declared "essential" in such a world.
I suppose the biggest immediate impact would that it would make the dependency tree quite a bit larger and therefore slower to process?
13:50 Complex and bloated
13:50 Complex and bloated
> It's puzzling how a platform independent high level scripting language would break with minor updates to the host OS.
Why is it puzzling? They are using âeasy to useâ and âflexibleâ language which have zero guardrails that may help against breakages on upgrade. Why wouldn't it break randomly?
For C we have LibAbiGail. For Rust we have Cargo Semver Checks, Crater and many other things... what do we have for Python? Wishful thinking and prayers?
âHigh level scripting languagesâ are not designed to survive upgrades... and distros are very much built around the idea that everything have to be updated. They are fundamentally incompatible. > It's really not a good sign that a application focusing on integration cannot integrate in any standard distribution.
It's not good sign. It's great sign. That's exactly how winner of these games should look like.
When you start an integration project you, essentially, have two (and half) choices:
But... what is a success here? Success would be a state where that horrible mangled monster that is threatening to collapse and unravel at any moment have enough supporters to keep it going, somehow.
Because if chaos, inherent in the approach needed to achieve success, overwhelms developers and the whole thing collapses and couldn't be salvaged... well, that's it, it's no longer a success, obviously.
And if you impose enough rules to support proper upgrades, nice interaction with distros, and other things that may effect the desire of unprofessional contributors to join... you would lose to some other, more chaotic and more âforgivingâ, project.
Only when certain niche if âfully filledâ, with many projects that do what one needs or wants, competition on quality begins (and former leader, closest to collapse, may be replaced with something nicer... think pile of SysVinit scripts vs systemd). And home automation niche is far from being âfully filledâ, even Home Assistant is very far from being at the stage where one may honestly say âyou may buy whatever your want, any IoT gadget - and Home Assistant would support itâ. > It's a bit annoying how all these applications eventually became monstrously complex and bloated.
That's how winners in these races look like, it's 100% inevitable.
People like small and neat solutions... till they find out that something they want only works with a bloated monster... and then they switch.
Bloated monsters win, everything else loses... it's inevitable.
Hide
13:45 Industry groups are not happy about the imminent demise of Energy Star
The program has saved consumers billions of dollars since its inception.
Hide
11:21 Bill Gates Plans To Give Away His Wealth, Shutter Foundation Over Next 20 Years
joshuark shares a report from Axios: Bill Gates, once the richest man in the world, vowed to give away "virtually all" of his wealth through the Gates Foundation over the next two decades. Then, the foundation will close its doors on Dec. 31, 2045. [...] Gates wrote in a Thursday Gates Notes essay that the original plan was to sunset the foundation several decades after he and his then-wife died. Now, Gates believes that a "shorter timeline" is feasible.
Gates pledged three "key aspirations" to guide the foundation's funding over the next two decades, which center on promoting child and maternal health and fighting infectious diseases and poverty. He emphasized that progress is not possible without government cooperation, as the U.S. and other nations slash their foreign aid budgets. "The reality is, we will not eradicate polio without funding from the United States," Gates wrote. It's unclear whether the world's richest countries will continue to stand up for its poorest people," Gates wrote. He added, "But the one thing we can guarantee is that, in all of our work, the Gates Foundation will support efforts to help people and countries pull themselves out of poverty."
10:13 After 16 years, we're renewing the StackOverflow Brand
Comments
10:13 How much information is in DNA?
Comments
10:13 Cosmos 482 Descent Craft tracker
Comments
10:13 CT scans don't lie-cigarettes are harder on the lungs than marijuana
Comments
10:13 A simple 16x16 dot animation from simple math rules
Comments
10:13 Why should I care? Or why punks are correct and old wise philosophers are wrong
Comments
10:13 Detect and crash Chromium bots with one weird trick (bots hate it)
Comments
10:13 Ash (Almquist Shell) Variants
Comments
10:13 Gmail to SQLite
Comments
08:21 Lithium Deposit Valued At $1.5 Trillion Discovered In Oregon
Longtime Slashdot reader schwit1 shares a report from Earth.com: McDermitt Caldera in Oregon is attracting attention for what could be one of the largest lithium deposits ever identified in the United States. Many view it as a potential boost for domestic battery production, while local communities voice concern over the impact on wildlife and cultural sites. The excitement stems from estimates that value the deposit at about $1.5 trillion. Some geologists say these ancient volcanic sediments could contain between 20 and 40 million metric tons of lithium. The study is published in the journal Minerals.
06:13 Algebraic Effects: Another mistake carried through to perfection?
Comments
06:13 Private Japanese lunar lander enters orbit around moon ahead of a June touchdown
Comments
06:13 The Screamer - a yell-on yell-off light
Comments
05:40 Whoop faces backlash after walking back free hardware upgrade promise
Users with over six months' membership were promised a free upgrade, but now they're being charged for the new hardware.
05:40 I tested four camera phones and the Samsung Galaxy S25 still has a shutter lag problem
It's not your imagination, the Galaxy S25 Ultra still struggles with shutter lag when you need it most.
05:40 Sony Xperia 1 VII leaks big time ahead of launch event
The latest Xperia 1 VII leak will get you ready for Sony's launch.
05:40 Bluetooth has a new trick to protect your privacy, with a battery-saving bonus
You probably won't even notice the Bluetooth Core 6.1 update, and that's just the way it likes it!
05:40 Nintendo warns it may brick your Switch if you engage in unauthorized use
Nintendo is getting much more aggressive about hacks, modifications, and emulators.
05:40 The Apple iPad A16 hits new record-low price, but only in one color!
The Apple iPad A16 has never been cheaper! We just hope you like pink.
05:40 YouTube could score big with an exclusive NFL streaming first
YouTube and the NFL could be on a collision course.
05:40 Forget Audio Overviews â NotebookLM's next big feat could be generating Video Overviews
If this is half as impressive as Audio Overviews have been, we could be in for a real treat!
05:40 Samsung Galaxy Ring deal: Get a $100 gift card with your purchase!
Put a ring on it!
05:40 Samsung's best gaming monitor is $900 off
You'll be the envy of your gaming squad!
Hide
03:51 AI Use Damages Professional Reputation, Study Suggests
An anonymous reader quotes a report from Ars Technica: Using AI can be a double-edged sword, according to new research from Duke University. While generative AI tools may boost productivity for some, they might also secretly damage your professional reputation. On Thursday, the Proceedings of the National Academy of Sciences (PNAS) published a study showing that employees who use AI tools like ChatGPT, Claude, and Gemini at work face negative judgments about their competence and motivation from colleagues and managers. "Our findings reveal a dilemma for people considering adopting AI tools: Although AI can enhance productivity, its use carries social costs," write researchers Jessica A. Reif, Richard P. Larrick, and Jack B. Soll of Duke's Fuqua School of Business.
The Duke team conducted four experiments with over 4,400 participants to examine both anticipated and actual evaluations of AI tool users. Their findings, presented in a paper titled "Evidence of a social evaluation penalty for using AI," reveal a consistent pattern of bias against those who receive help from AI. What made this penalty particularly concerning for the researchers was its consistency across demographics. They found that the social stigma against AI use wasn't limited to specific groups. "Testing a broad range of stimuli enabled us to examine whether the target's age, gender, or occupation qualifies the effect of receiving help from Al on these evaluations," the authors wrote in the paper. "We found that none of these target demographic attributes influences the effect of receiving Al help on perceptions of laziness, diligence, competence, independence, or self-assuredness. This suggests that the social stigmatization of AI use is not limited to its use among particular demographic groups. The result appears to be a general one."
03:49 As an aside, I think QUIC is not a great protocol
This is not a problem because in this case 1 QUIC packet = 1 UDP packet. Coalescing is not allowed for (most) short-header packets. Unless I'm missing something?
> 2. Data is acked by packet number, but packet numbers can only increase. Levels of indirection (CPU + state) to handle ACKing. Also rejiggling of packets when you have to reTx.
I don't think you can make it better without other types of trade-offs. One quirky idea that I heard was using rational numbers for subflows for acks :)
> Personally, I think QUIC will not last. It's over-complex and quirky.
It's essentially a whole network stack because the classic network architecture has failed to evolve. QUIC needs to have a kernel-level support to succeed, and I don't see any push into that.
03:49 QUIC network debugging
a) You control at least side of the connection
b) The software supports SSLKEYLOGFILE and you can easily set it
c) You don't need to go back in time to set it, to debug the packet trace you got (e.g., were sent)
03:49 QUIC network debugging
03:49 Automation madness
As big Jon mentioned, you can run HA "Supervised" which means you get to run it on a full OS which is very useful. He perhaps over-looked the bit about Debian current being the only supported option! They do get a bit forthright about this. I redeployed a couple of ill advised Ubuntu based VMs with Debian and restored from config backups.
I have deployed quite a few of these beasties for customers. They are so handy for things like printer fleet management and monitoring. There is a card (in HACS) which will automatically gather up all entities and display statuses when a certain trigger is hit. Ideal for many batteries or toner statuses. At another customer, I set one up at the beginning of the pandemic so they could turn their work CAD boxes on and off using WoL and an integration that sends shutdown commands to Windows. The hardest part of that was sorting out MS's idea of power management for NICs.
Grab a slack handful of ESP32 and the like and with minimal skills and perhaps a soldering iron, some wires, breadboard and a 3D printer, you can create all sorts of things. ESPHome is ready to do the programming with a pleasant webby IDE and does all the heavy lifting.
Frigate and a Google Coral is ready to do security cameras and web cams. All covered with an add on and a GUI.
If you get a microphone(s) sorted out then you can setup a wake word "OK computer" and do text to speech and speech to intents. You can, via a Nabu Casa sub, gateway Amazon Echos and the like to take advantage of them but insulate yourself from direct contact.
The ZWave and Zigbee implementations are now very solid. Zwave was patchy in the past but now it is reliable, at least at the HA end.
If you have a static IP or can use dynamic DNS and you can forward ports 80/tcp and 443/tcp, then grab the nginx proxy manager addon and use its Lets Encrypt feature. Or you could spin something up on the host OS (if you have one)
HA is superb for turning loads of phone apps into a single pane of glass. For example my car (*sigh*, yes it has an app - Seic MG4), home power supplier (Octopus) and my car charger (Zappi) all have apps. They also all have integrations for HA. I don't bother with the phone apps much. Another very popular integration is automated rubbish/recycling scheduling. Grab "Waste Collection Schedule" via HACS. It will almost certainly support wherever you live or you can use an .ics file or a manual schedule.
Recently someone added browsers for several discovery mechanisms (DHCP, SSDP and Zeroconf) into the web GUI - genius!
The pace of development is insane but the core product is rock solid with a few wobbles along the way, just like Linux itself or any other huge and complicated software system.
03:49 QUIC network debugging
One objection then is you could correlate packets across CID changes, but... I'm not at all a believer in the various bits of complexity to try obfuscate QUIC flows across CID changes. I mean... if hiding flows is a security objective you must have, then you'd be dumb to be relying on those features in QUIC to start off with - you need onion routing.
However, you could do something like add a signed offset to absolute packet numbers in the ACK, that you then send in the encrypted portion, and change it along with CID changes. Though, that would impair the network debug too, but.. your packet analysis software is probably also using the CID to reconcile the QUIC packets to connections. An observer could use the linear relationships to try correlate still, across CID changes, but those are transient and this kind of analysis probably also wouldn't scale up well for an attacker - also, if the communicating parties have this level of concern, they already should NOT be relying just on QUIC, they need a system designed to make correlation attacks /actually/ difficult (which is not QUIC).
03:49 Also: its own container OS!
I was initially skeptical about it, and started hosting HA on my own server. But then I had a nightmare upgrade, after a year of not paying attention to it. I needed to manually update dependencies, unbreak my whole OS after accidentally running `chmod` in a wrong directory, etc.
I decided that my time was more valuable, so I got an Intel NUC, set up HAOS on it, and... that was it! It updates perfectly on its own, I can install addons by clicking on them in the "HomeAssistant Store", and I can also firewall the whole home automation in its own VLAN.
It also can back up itself onto my NAS. And it can restore itself! This was super-handy when the SSD in my NUC died last month. I just popped in a new SSD, installed the basic OS, and did a restore.
This is about the most perfect example of a hassle-free "homebrew" IoT experience.
03:49 As an aside, I think QUIC is not a great protocol
1 QUIC packet is composed of 1 or more QUIC frames. And packets do often have more than 1 frame. The length of a frame is implicit - you must know enough about a frame type to know what its length is, to be able to decode any further frames. If a QUIC frame is not recognised, a decoder can not decode the rest of the packet - including any frames it /does/ support that happen to be after the unrecognised frame.
This just.. sucks. It's a terrible design decision.
> don't think you can make it better without other types of trade-offs.
You can separate detection of packet loss from indication of what content needs to be retransmitted. And then you don't need to maintain (build, reconcile and update) maps from packet numbers to the content.
> It's essentially a whole network stack because the classic network architecture has failed to evolve.
It's just a transport protocol. Created with some significant quirks, by someone who had a bit of a fascination with over-normalising every thing (including removing 1 from counts, where such a count always has at least 1 - making it annoyingly confusing to read packet traces cause now those count fields are intrinsically off-by-one, for absolutely *no* saving in wire-bytes). - to the detriment of clarity and the fact that more and more implicit state requires more and more computation to maintain that implicit state.
Could we improve on TCP? Sure. Does it need all those quirks? No.
Does it help to have an encrypted UDP transport that middle-boxes can't screw with as much? Sure. Does it need all those quirks? No.
> QUIC needs to have a kernel-level support to succeed, and I don't see any push into that.
The limitations of user-space UDP are an issue, agreed. In particular, it is hard to correctly pace packets going out (you need a certain TC scheduler - not guaranteed it will be there). Plus, you're at a disadvantage against TCP when it comes to reacting to incoming packets - TCP can send ACKs from softirq I think, while user-space QUIC has to wait till the right user-space schedules and gets the packets, so there is much more jitter. QUIC could use hardware timestamping to measure the jitter and somehow use that.
Those are implementation details, which may be fixed one day, one way or another (e.g. via some level of kernel offload for QUIC, as you're suggesting).
03:49 As an aside, I think QUIC is not a great protocol
I should have used "precisely" rather than "correctly" there.
03:49 Also: its own container OS!
Your comment is a classic HA experience. You want to take it seriously but didn't have the time at the time and something went wrong. It is engineered properly and hence you fixed your snag and moved on.
I don't think I've ever seen you describe a product in such glowing terms!
03:49 Oregon State is (was?) one of the few places to consider software contributions for tenure.
02:21 Court Unanimously Denies Theranos Founder Elizabeth Holmes' Request For Rehearing
Elizabeth Holmes has lost her bid to have the appeal of her 2022 fraud conviction reheard by the 9th Circuit Court of Appeals, leaving the U.S. Supreme Court as her final option. She and former Theranos executive Sunny Balwani remain liable for $452 million in restitution, while Holmes continues serving her 11-year sentence. CNBC reports: The 9th Circuit U.S. Court of Appeals denied Holmes' request for a rehearing before the original three-judge panel that upheld her conviction. At the same time, the court said no judge on the circuit court had asked for a vote on whether to have the full court rehear the appeal.
Holmes, 41, was sentenced in January 2023 to 11 years and 3 months in prison after being found guilty of four counts of wire fraud in January 2022. She was found guilty of deceiving investors about the capabilities of Theranos, the blood-testing company she founded in 2003. The company crumbled after a Wall Street Journal story outlined the firm's struggles and shut down in 2018.
02:13 Six Days in the Dark
Comments
02:13 PlainBudget - Minimalist Plain Text Budgeting
Comments
02:13 Some novelists are becoming video game writers - and vice-versa
Comments
02:13 Stratolaunch Successfully Completes Reusable Hypersonic Flight and Recovery
Comments
02:13 Fighting Unwanted Notifications with Machine Learning in Chrome
Comments
02:13 Business books are entertainment, not strategic tools
Comments
02:13 Fleurs du Mal
Comments
02:13 WebGL Water (2010)
Comments
02:13 Brandon's Semiconductor Simulator
Comments
02:13 Charles Bukowski, William Burroughs, and the Computer (2009)
Comments
Hide
00:51 Kids Are Short-Circuiting Their School-Issued Chromebooks For TikTok Clout
An anonymous reader quotes a report from Ars Technica: Schools across the US are warning parents about an Internet trend that has students purposefully trying to damage their school-issued Chromebooks so that they start smoking or catch fire. Various school districts, including some in Colorado, New Jersey, North Carolina, and Washington, have sent letters to parents warning about the trend that's largely taken off on TikTok. Per reports from school districts and videos that Ars Technica has reviewed online, the so-called Chromebook Challenge includes students sticking things into Chromebook ports to short-circuit the system. Students are using various easily accessible items to do this, including writing utensils, paper clips, gum wrappers, and pushpins.
The Chromebook challenge has caused chaos for US schools, leading to laptop fires that have forced school evacuations, early dismissals, and the summoning of first responders. Schools are also warning that damage to school property can result in disciplinary action and, in some states, legal action. In Plainville, Connecticut, a middle schooler allegedly "intentionally stuck scissors into a laptop, causing smoke to emit from it," Superintendent Brian Reas told local news station WFSB. The incident reportedly led to one student going to the hospital due to smoke inhalation and is suspected to be connected to the viral trend. "Although the investigation is ongoing, the student involved will be referred to juvenile court to face criminal charges," Reas said. TikTok recently banned the search term "Chromebook Challenge" and created a safety message that pops up when searching for the term. The social media company notes that the challenge is on other social media platforms, too.
00:51 Mexico Sues Google Over Changing Gulf of Mexico's Name For US Users
Mexico has filed a lawsuit against Google for changing the name of the Gulf of Mexico to "Gulf of America" for U.S. users on Google Maps, following a Republican-led House vote on Thursday to codify the name change. President Claudia Sheinbaum argues the U.S. only has authority to rename its portion of the continental shelf and warned of legal action unless Google reversed the change. The Guardian reports: "All we want is for the decree issued by the US government to be complied with," Sheinbaum said. "The US government only calls the portion of the US continental shelf the Gulf of America, not the entire gulf, because it wouldn't have the authority to name the entire gulf," she added. In response to Trump, Sheinbaum has cheekily suggested calling the United States "America Mexicana" -- Mexican America, pointing to a map dating back to before 1848, when one-third of her country was seized by the United States.
00:51 Huawei Unveils a HarmonyOS Laptop, Its First Windows-Free Computer
Huawei has launched its first laptop running HarmonyOS instead of Windows, complete with AI features and support for over 2,000 mostly China-focused apps. The product is largely a result of U.S. sanctions that prevented U.S.-based companies like Google and Microsoft from doing business with Huawei, forcing the company to develop its own in-house solution. Liliputing reports: Early version of HarmonyOS were basically skinned version of Android, but over time Huawei has moved the two operating systems further apart and it now includes Huawei's own kernel, user interface, and other features. The version designed for laptops features a desktop-style operating system with a taskbar and dock on the bottom of the screen and support for multitasking by running multiple applications in movable, resizable windows.
Since this is 2025, of course Huawei's demos also heavily emphasize AI features: the company showed how Celia, its AI assistant, can summarize documents, help prepare presentation slides, and more. While the operating system won't support the millions of Windows applications that could run on older Huawei laptops, the company says that at launch it will support more than 2,000 applications including WPS Office (an alternative to Microsoft Office that's developed in China), and a range of Chinese social media applications.
23:21 Coffee Shops Ditch WiFi and Laptops To Limit Remote Work
Numerous coffee establishments across the US are actively restricting internet access and laptop use as they push back against remote workers monopolizing their spaces for hours.
New York's Devocion chain limits WiFi to two-hour windows on weekdays and eliminates it entirely on weekends, while Detroit's Alba coffee shop has operated without WiFi since its 2023 opening. Some venues have resorted to physically taping over electrical outlets.
DC-based cafe Elle initially launched without WiFi but reversed course after receiving negative Google reviews, implementing a compromise with access restricted to Monday-Thursday, 8am-3pm, with a 90-minute usage cap. The restrictions primarily aim to increase customer turnover, improve sales figures, and restore the community atmosphere that extended laptop sessions often diminish.
23:21 Meta To Add Facial Recognition To Glasses After All
According to The Information (paywalled), Meta is reportedly developing facial recognition capabilities for its Ray-Ban smart glasses -- technology it previously avoided due to privacy concerns. 404 Media's Joseph Cox writes: The move is an obvious about-face from Meta. It's also interesting to me because Meta's PR chewed my ass off when I dared to report in October that a pair of students took Meta's Ray-Ban glasses and combined them with off-the-shelf facial recognition technology. That tool, which the students called I-XRAY, captured a person's face, ran it through an easy to access facial recognition service called Pimeyes, then went a step further and pulled up information about the subject from across the web, including their home address and phone number.
When I contacted Meta for comment for that story, Dave Arnold, a spokesperson for the company, said in an email he had one question for me. "That Pimeyes facial recognition technology could be used with ANY camera, correct? In other words, this isn't something that only is possible because of Meta Ray-Bans? If so, I think that's an important point to note in the piece," he wrote. This is true. But entirely misses the point of why the students created the tool with Meta's Ray-Ban glasses. They said themselves in a demonstration video they identified dozens of people without their knowledge. You do that by wearing a pair of glasses that look like any other. Meta's Ray-Ban's do have a light that turns on when it's recording, but according to the new report, Meta is questioning whether new versions of its glasses need this.
23:15 Linux kernel is leaving 486 CPUs behind, only 18 years after the last one made
Linus Torvalds sees "zero real reason for anybody to waste one second" on them.
23:15 Google's search antitrust trial is wrapping upâhere's what we learned
Google and the DOJ have had their say; now it's in the judge's hands.
23:15 Wearables firm's endless free hardware upgrades were too good to be true
Customers accuse Whoop of baiting and switching as it adjusts its business model.
23:15 New Lego-building AI creates models that actually stand up in real life
Carnegie Mellon "LegoGPT" system uses physics checks to ensure models don't collapse.
23:15 When doctors describe your brain scan as a âstarry sky,â it's not good
TB is the deadliest infection in the worldâbut it doesn't often look like this.
Hide
22:13 Era of U.S. dollar may be winding down
Comments
22:13 Math Machine - A notebook will show your kid how far they have travelled
Comments
22:13 All BART trains were stopped due to âcomputer networking problem'
Comments
22:13 Graphcore unveils GC200 and M2000 IPU Machine-1 petaFLOP "pizza box" AI server
Comments
22:13 Odin, a Pragmatic C Alternative with a Go Flavour
Comments
22:13 Why 536 was 'the worst year to be alive' (2018)
Comments
22:13 Rust's dependencies are starting to worry me
Comments
22:13 Before the Undo Command, There Was the Electric Eraser
Comments
22:13 Reverse Engineering "DNA Sequences" in the Lost World: Jurassic Park Video Game
Comments
22:13 Inventing the Adventure Game (1984)
Comments
22:13 New Tool: lsds - List All Linux Block Devices and Settings in One Place
Comments
21:48 Whoop Angers Users Over Reneged Free Upgrade Promises
Wearable startup Whoop just announced its new Whoop 5.0 fitness tracker yesterday, but some existing users are already calling foul. From a report: Previously, Whoop said people who had been members for at least six months would get free upgrades to next-generation hardware. Now, the company says that members hoping to upgrade from a Whoop 4.0 to 5.0 will have to pay up.
Whoop is a bit different from other fitness trackers in that it runs entirely on a subscription membership model. Most wearable makers that have subscriptions will charge you for the hardware, and then customers have the option of subscribing to get extra data or features. A good example is the Oura Ring, where you buy the ring and then have the option of paying a monthly $6 subscription. Whoop, however, has until now said that you get the hardware for "free" while paying a heftier annual subscription. Previously, Whoop promised users that whenever new hardware was released, existing members would be able to upgrade free of charge so long as they'd been a member for at least six months.
21:48 Newark Airport Radar Outage Strikes Again, Delaying More Flights
Just days after a radar and communications outage at Newark Liberty International Airport, the FAA confirmed a second incident on May 9 that disrupted radar and radio contact for 90 seconds due to a telecom failure at Philadelphia TRACON. "As of 12:30PM ET, FlightAware stats showed 292 total delays for flights into or out of Newark, which is also experiencing delays due to runway construction," reports The Verge. From the report: After the first outage on April 28th, an air traffic controller who had been on duty that day told CNN it "...was the most dangerous situation you could have." CNN reports that after a change made last July, the airport's radar and radio communication flows over a single data feed from a facility in New York, where controllers used to manage Newark's flights, to Philadelphia.
The FAA has announced a plan to replace the current copper connection with fiber, as well as adding "three new, high-bandwidth telecommunications connections between the New York-based STARS and the Philadelphia TRACON," and more air traffic controllers. Until those and other changes are made, the agency also said a new backup system is being deployed in Philadelphia, but it's unclear when that will be available.
NBC News reports the Friday outage affected a limited number of sectors, but it's another incident in the string of issues that have highlighted the problems with the airport's aging control system and lack of staffing. [...] A statement from the FAA said, "Frequent equipment and telecommunications outages can be stressful for controllers. Some controllers at the Philadelphia TRACON who work Newark arrivals and departures have taken time off to recover from the stress of multiple recent outages."
21:48 Florida Fails To Pass Bill Requiring Encryption Backdoors For Social Media Accounts
An anonymous reader quotes a report from TechCrunch: A Florida bill, which would have required social media companies to provide an encryption backdoor for allowing police to access user accounts and private messages, has failed to pass into law. The Social Media Use by Minors bill was "indefinitely postponed" and "withdrawn from consideration" in the Florida House of Representatives earlier this week. Lawmakers in the Florida Senate had already voted to advance the legislation, but a bill requires both legislative chambers to pass before it can become law.
The bill would have required social media firms to "provide a mechanism to decrypt end-to-end encryption when law enforcement obtains a subpoena," which are typically issued by law enforcement agencies and without judicial oversight. Digital rights group the Electronic Frontier Foundation called the bill "dangerous and dumb." Security professionals have long argued that it is impossible to create a secure backdoor that cannot also be maliciously abused, and encryption backdoors put user data at risk of data breaches.
20:18 US Senator Introduces Bill Calling For Location-Tracking on AI Chips To Limit China Access
A U.S. senator introduced a bill on Friday that would direct the Commerce Department to require location verification mechanisms for export-controlled AI chips, in an effort to curb China's access to advanced semiconductor technology. From a report: Called the "Chip Security Act," the bill calls for AI chips under export regulations, and products containing those chips, to be fitted with location-tracking systems to help detect diversion, smuggling or other unauthorized use of the product.
"With these enhanced security measures, we can continue to expand access to U.S. technology without compromising our national security," Republican Senator Tom Cotton of Arkansas said. The bill also calls for companies exporting the AI chips to report to the Bureau of Industry and Security if their products have been diverted away from their intended location or subject to tampering attempts.
18:48 CrowdStrike, Responsible For Global IT Outage, To Cut Jobs In AI Efficiency Push
CrowdStrike, the cybersecurity firm that became a household name after causing a massive global IT outage last year, has announced it will cut 5% of its workforce in part due to "AI efficiency." From a report: In a note to staff earlier this week, released in stock market filings in the US, CrowdStrike's chief executive, George Kurtz, announced that 500 positions, or 5% of its workforce, would be cut globally, citing AI efficiencies created in the business.
"We're operating in a market and technology inflection point, with AI reshaping every industry, accelerating threats, and evolving customer needs," he said. Kurtz said AI "flattens our hiring curve, and helps us innovate from idea to product faster," adding it "drives efficiencies across both the front and back office. AI is a force multiplier throughout the business," he said. Other reasons for the cuts included market demand for sustained growth and expanding the product offering.
18:48 Scientists Have Explored Just 0.001% of Deep Ocean Floor, New Study Finds
A comprehensive analysis in Science Advances reveals that humans have explored less than 0.001% of the deep seafloor -- an area equivalent to merely one-tenth the size of Belgium. Oceanographer Katherine Bell and colleagues at the Ocean Discovery League compiled data from approximately 44,000 deep-sea dives conducted between 1958 and 2024, finding that expeditions have concentrated overwhelmingly around waters near the United States, Japan, and New Zealand.
The study exposes significant gaps in ocean exploration, with vast regions -- particularly the Indian Ocean -- remaining virtually untouched by direct observation. Much of the existing dive data remains inaccessible to scientists, locked away by private companies.
18:48 37signals To Delete AWS Account, Cutting Cloud Costs By Millions
Software firm 37signals is completing its migration from AWS to on-premises infrastructure, expecting to save $1.3 million annually on storage costs alone. CTO David Heinemeier Hansson announced the company has begun migrating 18 petabytes of data from Amazon S3 to Pure Storage arrays costing $1.5 million upfront but only $200,000 yearly to operate.
AWS waived $250,000 in data egress fees for the transition, which will allow 37signals to completely delete its AWS account this summer. The company has already slashed $2 million in annual costs after replacing cloud compute with $700,000 worth of Dell servers in 2024. "Cloud can be a good choice in certain circumstances, but the industry pulled a fast one convincing everyone it's the only way," wrote Hansson, who began the repatriation effort in 2022 after discovering their annual AWS bill exceeded $3.2 million.
18:25 A star has been destroyed by a wandering supermassive black hole
Second supermassive black hole is a long way from the galaxy's core.
18:25 Europe launches program to lure scientists away from the US
EU will spend over $500 million to recruit researchers and scientists.
18:25 Doom: The Dark Ages review: Shields up!
Prepare to add a more defensive stance to the usual dodge-and-shoot gameplay loop.
18:25 Trump cuts tariff on UK cars; American carmakers not happy about it
The UK is allowed to export 100,000 cars a year to the US at the lower rate.
18:25 Don't look now, but a confirmed gamer is leading the Catholic Church
Prevost played Wordle and Words with Friends before leaving for the conclave.
18:25 Celsius founder Alex Mashinsky sentenced to 12 years for âunbank yourselfâ scam
Some victims lost everything to the Celsius Network's fraud.
18:25 Kids are short-circuiting their school-issued Chromebooks for TikTok clout
One participant is reportedly facing criminal charges in juvenile court.
18:25 Trump kills broadband grants, calls digital equity program âracist and illegalâ
Trump move also takes grants away from veterans and people with disabilities.
Hide
18:13 Amazon's Vulcan Robots Now Stow Items Faster Than Humans
Comments
18:13 Man 'Disappeared' by ICE Was on El Salvador Flight Manifest, Hacked Data Shows
Comments
18:13 Former Supreme Court justice David Souter has died
Comments
18:13 Show HN: Agents.erl (AI Agents in Erlang)
Comments
18:13 A Taxonomy for Rendering Engines
Comments
18:13 The CL1: the first code deployable biological computer
Comments
18:13 The birth of AI poker? Letters from the 1984 WSOP
Comments
18:13 The Anarchitecture Group
Comments
18:13 CryptPad: An Alternative to the Google Suite
Comments
18:13 Show HN: Oliphaunt - A native Mastodon client for macOS
Comments
18:13 Show HN: Hydra (YC W22) - Serverless Analytics on Postgres
Comments
18:13 Show HN: A backend agnostic Ruby framework for building reactive desktop apps
Comments
18:13 Rollstack (YC W23) Is Hiring TypeScript Engineers (Remote US/CA)
Comments
18:13 Show HN: BlenderQ - A TUI for managing multiple Blender renders
Comments
18:13 Past, present, and future of Sorbet type syntax
Comments
18:13 In the Network of the Conclav: How we "guessed" the Pope using network science
Comments
18:13 Launch HN: Nao Labs (YC X25) - Cursor for Data
Comments
18:13 ALICE detects the conversion of lead into gold at the LHC
Comments
Hide
17:49 An idea for replacing the essential flag
17:49 An idea for replacing the essential flag
17:49 It does not matter how you ignore bug reports
You don't get middle managers thinking "oh my P1 isn't being dealt with fast enough", because standard procedure on a P0 is to get the directors out of bed if necessary :-) :-)
I've been on at least one P0 all-nighter :-)
Cheers,
Wol
17:49 One, specific person's view...
Beating the dead horse about how 3.0.2 and 3.0.14 are _so slow_ is just bizzare.
It makes perfect sense to me; because OpenSSL 3.0 was the LTS at the time the report was written, and because there are significant distros for the haproxy use case that stick to LTS versions of OpenSSL, you need enough information to persuade your paying customers that they need to move on from the distro version of OpenSSL or accept a performance limitation.
Remember that their most risk-averse customers will be paying haproxy for support, and paying a distro for support, too. If you want them to move outside the "distro supports OpenSSL, we support haproxy" comfort zone, you need to give them detailed reasons. Otherwise, they're going to stick to their comfort zone - "you've got a haproxy problem, and you can't change components of the LTS distro we use".
17:49 OpenSSL drop in replacements
It seems to have had "reasonable API" as a goal, and from the docs it looks like it should be reasonably easy to use? (I guess it helps that the crypto-graphic primitives are in a separate library - nettle - though GnuTLS still does provide some lower level APIs to primitives).
17:49 Dependency rules that are described are strange
This is a complete misunderstanding of what the deps are for. A dependency is declared when the package "cannot function" without the depended-on thing. In some cases, the meaning of "cannot function" is subject to a judgement call, but here it's pretty clear: the package will work completely fine without running of the bash completion script. So the package does not need a dependency on bash unless it's written in bash. There is no need for any dependency declaration just for a sidecar file that enhances the operation of an unrelated package.
> Declaring essential dependencies explicitly may sound good in theory, Adrian Bunk replied, but it would be horrible in practice. For example, the libc6 package, which provides shared GNU C libraries ""used by nearly all programs on the system"" has a pre-installation script that calls dpkg, sed, grep, and rm. To make those dependencies explicit would require adding sh, dpkg, sed, grep, and coreutils as Pre-Depends dependencies.
Hmm, if the libc6 package has a pre-installation script that calls some tools, then if those tools are not available when the package is installed, then presumably the package will not be installed correctly. So if there really is a script and it really is called early, then the dependency needs to be declared.
--
I work on Fedora, and we have a general policy of explicitly declaring all runtime dependencies. There is really no alternative, because people create so many variants of containers and other minimal images, and also initrds, that we could never agree on any required minimum. Having the deps declared also helps with maintainance: it's easier to use a repoquery to figure out all the reverse deps than to grep over package contents.
17:49 One, specific person's view...
17:49 One, specific person's view...
The article literally begins "A paper on this topic was prepared for internal use within HAProxy last year, and this version is now being shared publicly".
That, to my eyes, is very explicit that this is not a "general" paper, but rather republication of internal documentation from HAProxy, and if you're not reading the full article with the context of that first, emphasised, paragraph in mind, then you're missing key context.
17:49 One, specific person's view...
it being slightly slower totally is defensible if it provides important features
we wouldn't have had Post-Quantum Crypto available for OpenSSL 3.0 in OQS Provider if not for the new provider architecture
yes, the deprecation of ENGINE API is disruptive but it was a bad, limited API; provider API is much better to program against and much more flexible
finally, I did read the whole article, thankyouverymuch
and yes, my point about 3.2 was about it being quite old compared to the recently released 3.5; if the use of 3.0 is indeed prohibitively expensive, you could have upgraded to newer versions *years* ago
and no, I'm not debating if 3.0 is or is not significantly slower than other versions; it is
17:49 One, specific person's view...
17:49 OpenSSL drop in replacements
17:49 As an aside, I think QUIC is not a great protocol
Some examples:
1. There is no length field for frames. This makes it impossible to decode a QUIC packet once it contains an unrecognised frame type. I.e., new or custom QUIC frame types just completely break QUIC decoders/packet capture parsers - really annoying. It is incredible that a network protocol designed in the 21st C would have implicit lengths for a core and extensible field.
2. Data is acked by packet number, but packet numbers can only increase. Levels of indirection (CPU + state) to handle ACKing. Also rejiggling of packets when you have to reTx.
3. Unbounded ACK ranges - so general case data-structures are required to track ACK ranges (not a cheap operation), rather than the faster, custom data-structures that could be used if there was a cap on # ACK ranges.
4. Weird encoding of ACK gaps. Maybe it's just me, but I hate that it uses 0 to mean 1. It doesn't save anything on the wire. The RFC wording is confusing too, if not outright wrong.
5. The session ID stuff is overcomplex.
Personally, I think QUIC will not last. It's over-complex and quirky. It intrinsically has a much higher overhead to parse than TCP (ex-crypto-cost). While it may last in web use, just because of the inertia behind it from Google, Facebook, etc., and the standardisation process, I think in use-cases where 1 entity controls both the client and server and has the freedom to choose the software/transport protocol used, many companies/entities will choose to implement their own, simpler, better performing protocol - and some open source library will end up dominating there.
17:49 As an aside, I think QUIC is not a great protocol
17:49 An idea for replacing the essential flag
17:49 6.14.6 not .2
17:49 6.14.6 not .2
I've fixed it. Thanks for letting us know, although we do prefer to receive typo reports as emails to lwn@lwn.net, so that they don't distract from the comments.
17:49 Some clarifications about awk and Essential
17:49 QUIC network debugging
17:40 [$] A FUSE implementation for famfs
The famfs
filesystem is meant to provide a shared-memory filesystem for large data
sets that are accessed for computations by multiple systems. It was
developed by John Groves, who led a combined filesystem and
memory-management session at
the 2025 Linux Storage, Filesystem, Memory
Management, and BPF Summit (LSFMM+BPF) to discuss it. The session was a
follow-up to the famfs session at last year's
summit, but it was also meant to discuss whether the kernel's direct-access (DAX)
mechanism, which is used by famfs, could be replaced in the filesystem
by using other kernel features.
17:40 GNOME Foundation announces new executive director
The GNOME Foundation has announced the hiring of Steven Deobald as its new executive director.
Steven has been a GNOME user since 2002 and has been involved in numerous free software initiatives throughout his career. His professional background spans technical leadership, cooperative business development, and nonprofit work. Having worked with projects like XTDB and Endatabas, he brings valuable experience in open source product development. Based in Halifax, Canada, Steven is well-positioned to collaborate with our global community across time zones.
17:40 Security updates for Friday
Security updates have been issued by Debian (fossil, libapache2-mod-auth-openidc, and request-tracker4), Fedora (thunderbird), Mageia (firefox and thunderbird), SUSE (389-ds, apparmor, cargo-c, chromium, go1.24, govulncheck-vulndb, java-1_8_0-openjdk, kanidm, libsoup, mozjs102, openssl-1_1, openssl-3, python-Django, sccache, tealdeer, tomcat, transfig, wasm-bindgen, and wireshark), and Ubuntu (libreoffice and python-h11).
17:40 Five more Friday stable kernels
Greg Kroah-Hartman has announced the release of the 6.14.6, 6.12.28, 6.6.90, 6.1.138, and 5.15.182 stable kernel versions.
17:40 Albertson: OSL's path to sustainability
Lance Albertson writes that the Oregon State University Open Source Lab has been funded for the next year, following his announcement in April that the future of OSL was in jeopardy. OSL is now focusing on becoming self-sustainable long term.
The recent support was amazing for our immediate team needs. But for the OSL to thrive long-term, we need a sustainable financial foundation. This is crucial, as the university expects units like ours to become self-sufficient beyond this current year.
So, our big focus this next year is locking in ongoing support - think annualized pledges, different kinds of regular income, and other recurring help. This is vital, especially with potential new data center costs and hardware needs. Getting this right means we can stop worrying about short-term funding and plan for the future: investing in our tech and people, growing our awesome student programs, and serving the FOSS community. We're looking for partners, big and small, who get why foundational open source infrastructure matters and want to help us build this sustainable future together.
17:40 [$] A kernel developer plays with Home Assistant: general impressions
Those of us who have spent our lives playing with computers naturally see
the appeal of deploying them though the home for both data acquisition and
automation. But many of us who have watched the evolution of the
technology industry are increasingly unwilling to entrust critical
household functions to cloud-based servers run by companies that may not
have our best interests at heart. The Apache-licensed Home Assistant project offers a
welcome alternative: locally controlled automation with free software.
This two-part series covers roughly a year of Home Assistant use, starting
with a set of overall observations about the project.
Hide
17:40 So many people had no clue this Google app for managing photos and videos existed!
Six years after its launch, this Google Photos alternative made by Google is still a mystery to many.
17:40 Google is bringing automatic passkey upgrades to Android (APK teardown)
Google could take the fuss out of upgrading to passkeys on Android.
17:40 Sony finally breaks the silence on WH-1000XM6 launch date!
Get ready for one of the best ANC headphones of 2025!
17:40 Galaxy Watch 8 series could come with squircle design, Quick Button, and more (APK teardown)
The Galaxy Watch 8 Classic could be closer to the Galaxy Watch Ultra, with a Quick Button and stronger vibrations.
17:40 One UI 8 Watch isn't out yet, but here's its new One UI 7-like charging animation (APK teardown)
One UI 8 Watch's new charging animation looks very familiar.
17:40 An exciting new Switch emulator launches tomorrow â Here's how to get it
Will this be the new best way to play Switch games on Android?
17:40 There's a dark side to 7 years of Android updates, and we're already starting to see it
Who cares how long the warranty on your car is, if it's still got a tape deck?
17:40 Miss the S23 Ultra's 10x camera? This brand could revive it (and then some)
We haven't seen a phone with a proper 10x camera in a few years, but OPPO might offer this tech.
17:40 5 reasons why I can't ditch my Apple Watch for Android smartwatches
I can't get away from Apple's smartwatch.
17:40 Running out of memory in Android 16's Linux Terminal? Try this fix
Android only allocates 4GB to the Linux VM, which isn't a lot of memory for heavy development work
17:40 YouTube needs a âblock channel' option
With AI videos running rampant, we need it now more than ever.
17:40 How to enable Android 16's Audio Sharing feature on your Pixel
Android 16 brings Auracast, i.e. audio sharing over Bluetooth LE Audio, to select Pixel devices. Here's how to use it.
17:40 Gemini Live's Project Astra features are rolling out more widely. Did you get them yet?
More Android users can now augment their Gemini Live queries by sharing their screen or camera feed.
17:40 One UI 8 Watch is exploring half-size tiles, and here's what they look like
You could potentially place two of these half tiles on the screen to increase the information density on your wrist.
17:40 A Pixel 8 was left in a hot tub for four days, here's what happened
This Pixel 8 owner accidentally performed a real-life stress test.
17:40 Samsung is working on a better way to keep your private photos private
A leaked image from a One UI 8 build suggests Samsung Gallery may be getting a Private album feature.
Hide
17:18 Tech Industry Warns US Investment Pledges Hinge on Research Tax Break
An anonymous reader shares a report: Major tech companies lobbying to salvage a tax deduction for research and development are warning they may pull back from high-profile pledges of new US investments if Congress doesn't fully reinstate the break.
Big tech companies have pledged more than $1.6 trillion in investments in the US since Donald Trump took office, promising to build factories and data centers in alignment with Trump's push to build in America. But industry representatives are signaling those promises will be imperiled if Congress doesn't fully reinstate the R&D tax deduction, which was pared back to help offset the massive cost of President Donald Trump's 2017 bill. At the time, it was estimated that limiting the provision would temporarily raise about $120 billion from 2018 to 2027.
"A lot of those announcements are predicated on an expectation the administration and Congress will partner together on reinstating those R&D provisions," said Jason Oxman, president of the Information Technology Industry Council, a trade group that includes among its members Amazon, Apple, Anthropic, Alphabet, and IBM. Lobbyists representing tech companies that announced US investments have made similar claims to congressional aides and lawmakers, according to people familiar with the conversations.
17:18 Panasonic To Cut 10,000 Jobs
An anonymous reader shares a report: Panasonic will undertake a major restructuring across a range of its business, including consumer electronics, cutting 10,000 jobs globally, as the Japanese company plans to streamline, spinning out struggling divisions in hopes of reversing its dwindling market share and fending off fierce Chinese competition. Panasonic did not say which businesses it intended to shrink. The company expects to book structural reform costs of roughly $900 million this business year. Panasonic ended the fiscal year
15:48 Education Giant Pearson Hit By Cyberattack Exposing Customer Data
An anonymous reader quotes a report from BleepingComputer: Education giant Pearson suffered a cyberattack, allowing threat actors to steal corporate data and customer information, BleepingComputer has learned. Pearson is a UK-based education company and one of the world's largest providers of academic publishing, digital learning tools, and standardized assessments. The company works with schools, universities, and individuals in over 70 countries through its print and online services. In a statement to BleepingComputer, Pearson confirmed they suffered a cyberattack and that data was stolen, but stated it was mostly "legacy data."
"We recently discovered that an unauthorized actor gained access to a portion of our systems," a Pearson representative confirmed to BleepingComputer. "Once we identified the activity, we took steps to stop it and investigate what happened and what data was affected with forensics experts. We also supported law enforcement's investigation. We have taken steps to deploy additional safeguards onto our systems, including enhancing security monitoring and authentication. We are continuing to investigate, but at this time we believe the actor downloaded largely legacy data. We will be sharing additional information directly with customers and partners as appropriate." Pearson also confirmed that the stolen data did not include employee information. The education company previously disclosed in January that they were investigating a breach of one of their subsidiaries, PDRI, which is believed to be related to this attack.
BleepingComputer also notes that threat actors breached Pearson's developer environment in January 2025 using an exposed GitLab access token, gaining access to source code and hard-coded credentials. Terabytes of sensitive data was stolen from cloud platforms and internal systems.
Despite the potential impact on millions of individuals, Pearson has declined to answer key questions about the breach or its response.
15:48 AI-Generated 'Slop' Threatens Internet Ecosystem, Researchers Warn
Researchers are sounding alarms about the proliferation of AI-generated content -- dubbed "slop" -- that may be overwhelming the internet's human-created material. Fil Menczer, distinguished professor of informatics at Indiana University, who has studied social bots since the early 2010s, is now expressing serious concern about generative AI's impact. "Am I worried? Yes, I'm very worried," he told Bloomberg.
Another research from Georgetown University found over 100 Facebook pages with millions of followers using AI-generated images for scams. According to Tollbit, a company that helps publishers get compensated when their sites are scraped, web scraping volume doubled from Q3 to Q4 2024, causing significant strain on sites like Wikipedia during high-traffic events.
The situation creates a dangerous feedback loop where AI content is generated to please AI recommendation systems, potentially marginalizing human creators. Jeff Allen of the Integrity Institute told Bloomberg this resembles "the algae bloom that can blow up and suffocate the life you would want to have in a healthy ecosystem."
15:48 Nvidia CEO: 'You Won't Lose Your Job To AI, But To Someone Who Uses It'
Nvidia founder and CEO Jensen Huang has served up another blunt take on the job market as AI permeates society. From a report: "You will not lose your job to AI, but will lose it to someone who uses it," Huang said at the Milken Institute Conference. Added Huang, "I recommend 100% take advantage of AI, don't be that person."
15:48 Prompt Engineering is Quickly Going Extinct
The specialized role of prompt engineering, not long ago heralded as a promising new career path in AI, has virtually disappeared just two years after its emergence. Many companies are now considering strong AI prompting a standard skill rather than a dedicated position, Fast Company reports, with some firms even deploying AI systems to generate optimal prompts for other AI tools.
"AI is already eating its own," Malcolm Frank, CEO of TalentGenius, told the publication. "Prompt engineering has become something that's embedded in almost every role, and people know how to do it. It's turned from a job into a task very, very quickly." The prompt engineer's decline serves as a case study for the broader AI job market, where evidence suggests AI is primarily reshaping existing careers rather than creating entirely new ones.
Further reading: 'AI Prompt Engineering Is Dead.'
14:13 Dasung Paperlike 13K is a 13.3 inch E Ink color monitor
Comments
14:13 Linear Programming for Fun and Profit
Comments
14:13 How "Night of the Living Dead" Accidentally Became Public Domain
Comments
14:13 Structuring Competency-Based Courses Through Skill Trees
Comments
14:13 Reconstructing illusory camouflage patterns on moth wings using computer vision
Comments
14:13 The Linux Kernel's PGP Web of Trust
Comments
14:13 Itter.sh - Micro-Blogging via Terminal
Comments
14:13 Implementing a Struct of Arrays
Comments
14:13 NSF faces shake-up as officials abolish its 37 divisions
Comments
14:13 Hollow Core Fiber (HCF)
Comments
14:13 Show HN: Hyper - Standards first React alternative
Comments
14:13 Show HN: Hyvector - A fast and modern SVG editor
Comments
14:13 Data manipulations alleged in study that paved way for Microsoft's quantum chip
Comments
14:13 21 GB/s CSV Parsing Using SIMD on AMD 9950X
Comments
14:13 Sofie: open-source web based system for automating live TV news production
Comments
14:13 Show HN: Aberdeen - An elegant approach to reactive UIs
Comments
Hide
13:35 Rocket Report: Rocket Lab to demo cargo delivery; America's new ICBM in trouble
SpaceX's plan to turn Starbase into Texas' newest city won the approval of votersâerr, employees.
Hide
11:18 IRS Hopes To Replace Fired Enforcement Workers With AI
Facing deep staffing cuts, the IRS plans to lean heavily on AI to maintain tax collection efforts, with Treasury Secretary Scott Bessent stating that smarter IT and the "AI boom" will offset reductions in revenue enforcement staff. The Register reports: When asked by Congressman Steny Hoyer (D-MD) whether proposed reductions in the IRS's IT budget, along with plans to cut additional staff, would affect the agencies ability to collect tax revenue, Bessent said it wouldn't, thanks to the current "AI boom." "I believe through smarter IT, through this AI boom, that we can use that to enhance collections," Bessent told Hoyer and the Committee (24:29 into the video linked [here]). "I expect collections would continue to be very robust as they were this year."
Bessent's comments didn't explain how the IRS intends to deploy AI. Given how much it has slashed its enforcement staff since Trump took office, the agency definitely needs to do something. [...] Bessent's comments didn't explain how the IRS intends to deploy AI. Given how much it has slashed its enforcement staff since Trump took office, the agency definitely needs to do something. "There is nothing that shows historically that bringing in unseasoned collections agents will result in more collections," Bessent told the Committee. "IRS already uses AI for business functions including operational efficiency, compliance and fraud detection, and taxpayer services," the agency told The Register. "AI use cases must follow all relevant IRS privacy and security policies."
10:13 Verification, the Key to AI (2001)
Comments
10:13 Full Control.xyz Freeform Gcode
Comments
10:13 Losing my Meta account because of release delays
Comments
10:13 Rich Schroepell responds to Ron Rivest and the RSA MIT algorithm (1977)
Comments
10:13 Malaya's Timeless Design
Comments
10:13 Robotics meets the culinary arts
Comments
10:13 Zombieverter: Open source VCU for reusing salvage EV components
Comments
10:13 6502 Illegal Opcodes in the Siemens PC 100 Assembly Manual (1980)
Comments
Hide
09:48 Instagram's AI Chatbots Lie About Being Licensed Therapists
Instagram's AI chatbots are masquerading as licensed therapists, complete with fabricated credentials and license numbers, according to an investigation by 404 Media. When questioned, these user-created bots from Meta's AI Studio platform provide detailed but entirely fictional qualifications, including nonexistent license numbers, accreditations, and practice information.
Unlike Character.AI, which displays clear disclaimers that its therapy bots aren't real professionals, Meta's chatbots feature only a generic notice stating "Messages are generated by AI and may be inaccurate or inappropriate" at the bottom of conversations.
08:18 SpaceX Gets Approval To Sell Starlink In India
schwit1 shares a report from Behind The Black: Almost immediately after India's government issued this week new tightened regulations for allowing private satellite constellations to sell their services in India, it also apparently completed negotiations with SpaceX to allow it to sell Starlink in India based on these rules. Business Today reports: "According to sources, the DoT [Department of Transportation] granted the LoI [Letter of Intent] after Starlink accepted 29 strict security conditions, including requirements for real-time terminal tracking, mandatory local data processing, legal interception capabilities, and localisation of at least 20% of its ground segment infrastructure within the first few years of operation.
Starlink's nod came amid heightened national security sensitivities, coinciding with India's pre-dawn Operation Sindoor strikes on terror camps across the border in response to the Pahalgam massacre. However, DoT officials clarified that the decision to approve Starlink was independent of these military developments." At the moment SpaceX's chief competitors, OneWeb and Amazon's Kuiper constellation, have not yet obtained the same permissions. This allows SpaceX to grab a large portion of the market share in India before either of these other companies.
07:49 Sad to see it go
A couple of papers stand out in my memory, one from my first USENIX conference and one from my latest:
1. Peep (The Network Auralizer): Monitoring Your Network With Sound https://www.usenix.org/legacy/publications/library/procee...
2. The Battle of the Schedulers: FreeBSD ULE vs. Linux CFS https://www.usenix.org/conference/atc18/presentation/bouron
07:49 Non-coherent shared memory?
07:49 Non-coherent shared memory?
07:49 It does not matter how you ignore bug reports
P1: This is an emergency. Someone is actively working on it at ~all times (handing it off between time zones if necessary).
P2: This is important and we care about it getting done within a reasonable time, but it's not an emergency.
P3: Maybe we'll do this one day.
P4+: We are probably never going to do this, but we have not formally decided that yet.
It is quite common for this system to count from zero instead of one, usually because some middle manager decided that P1s were not getting executed quickly enough. Of course, this is simply an exercise in rebucketing and does not actually cause work to complete any faster (P0 takes on the former role of P1, P1 takes on the former role of P2, etc.).
There are rather obvious problems with applying "priority" in a FOSS context (you can't tell people what to work on). But perhaps it could be used as a descriptive field instead of a prescriptive field (i.e. P1 = "Somebody is working on this right now as their personal top priority," P2 = "Somebody is interested in this and plans to work on it in the near future," etc.). But that leaves the question of how to ensure those fields are kept up to date (developers might forget to update them, or someone might leave the project without unassigning all their bugs). Maybe we could repurpose those bots that close "stale" bugs to instead set the priority to P4 or something.
07:49 Why two shells?
07:49 Why two shells?
07:49 Exciting
Slides https://www.slideshare.net/slideshow/solving-postgresql-w...
07:49 Why two shells?
06:48 Celsius CEO Mashinsky Sentenced To 12 Years in Multi-Billion-Dollar Crypto Fraud Case
Alexander Mashinsky, the former CEO of Celsius Network, was sentenced to 12 years in prison on Thursday after pleading guilty to two counts of fraud, a dramatic fall for the leader of a company once hailed as the "bank" of the crypto industry. From a report: Standing before U.S. District Judge John G. Koeltl in Manhattan's Southern District, Mashinsky faced the consequences of what prosecutors described as a sweeping scheme to defraud investors. In December he pleaded guilty to commodities fraud and a scheme to manipulate the Celsius token.
His sentencing took place in courtroom 14A at 500 Pearl Street -- a venue that has seen several crypto executives-turned-felons. Mashinsky's legal troubles began in 2023 when he was arrested on charges of securities, commodities, and wire fraud, just as Celsius reached a $4.7 billion settlement with the Federal Trade Commission -- one of the largest in the FTC's history.
06:13 Cogentcore: Open-source framework for building multi-platform apps with Go
Comments
06:13 Audiobookshelf: Self-hosted audiobook and podcast server
Comments
06:13 Throwaway Code: Don't recycle, throw it away (2017)
Comments
06:13 Show HN: Test your typing speed and accuracy with movie scripts
Comments
06:13 eBPF Mystery: When is IPv4 not IPv4? When it's pretending to be IPv6
Comments
06:13 Finding a Bug in Chromium
Comments
06:13 Hill or High Water
Comments
06:13 Usenix ATC Announcement
Comments
06:13 Dead Reckoning
Comments
06:13 A Formal Analysis of Apple's iMessage PQ3 Protocol [pdf]
Comments
06:13 Starlink User Terminal Teardown
Comments
06:13 LegoGPT: Generating Physically Stable and Buildable Lego
Comments
Hide
05:40 T-Mobile is offering its loyal users a free line, do you qualify?
A rare free line offer is back, but only for T-Mobile loyal customers that meet a few special requirements.
05:40 Galaxy S25 Edge leak reveals all the cases you'll need to keep the super-thin phone safe
Why wait for Monday? Galaxy S25 Edge photo dump reveals accessories and more
05:40 Google Messages is finally letting users make group chats visually distinct
Google Messages may soon make your group chats less chaotic.
05:40 T-Mobile will give you a free phone with a trade-in, regardless of its condition or your plan
The Moto Edge 2024 could be yours for free, with any trade-in.
05:40 Google is giving the Search bar on your phone a much-needed facelift
Google wants to make sure you know that you can set a custom shortcut in your Search bar.
05:40 Your doorbell cam might have just picked up Google Home support
Got an Ecobee Smart Doorbell Camera? Welcome to the world of Google Home integration!
05:40 Hot deal: Get four Samsung SmartTag 2 trackers for just $51.99!
The Samsung SmartTag 2 is the best tracker for Samsung users!
05:40 Narwal Freo Pro robot drops to a new all-time low price!
You no longer need to spend a small fortune to get a high-end robot vacuum/mop combo!
05:40 Some of the coolest chargers are on sale today: Check them out!
Is your phone charging slowly? Maybe you need a boost. Check out these charger deals!
05:40 Google Messages begins rolling out âDelete for Everyoneâ feature
The feature is reportedly rolling out to beta users, meaning a wider release could be on the horizon.
05:40 Samsung confirms brand-new Gorilla Glass display protection for Galaxy S25 Edge
Samsung says Gorilla Glass Ceramic 2 will provide next-level durability to its slimmest flagship.
Hide
03:48 NOAA Retires Extreme Weather Database
An anonymous reader quotes a report from CNN: The National Oceanic and Atmospheric Administration announced Thursday its well-known "billion-dollar weather and climate disasters" database "will be retired," a move that will make it next to impossible for the public to track the cost of extreme weather and climate events. The weather, climate and oceans agency is also ending other products, it has recently announced, due in large part to staffing reductions. NOAA is narrowing the array of services it provides, with climate-related programs scrutinized especially closely.
The disasters database, which will be archived but no longer updated beyond 2024, has allowed taxpayers, media and researchers to track the cost of natural disasters -- spanning extreme events from hurricanes to hailstorms -- since 1980. Its discontinuation is another Trump-administration blow to the public's view into how fossil fuel pollution is changing the world around them and making extreme weather more costly. [...]
The database vacuums loss information from throughout the insurance industry, among other public and private sources. According to the database, there were 403 weather and climate disasters totally at least $1 billion in the United States since 1980, totaling more than $2.945 trillion. As of April 8, there had not been any confirmed billion-dollar disasters so far in 2025, but it lists four events as having the potential to make the tally, including the Los Angeles-area wildfires in January. Between 1980 and 2024, there were nine such disasters on average each year, though in the past five years, that annual average has jumped to 24. The record for one year was 28 events in 2023. "What makes this resource uniquely valuable is not just its standardized methodology across decades, but the fact that it draws from proprietary and non-public data sources (such as reinsurance loss estimates, localized government reports, and private claims databases) that are otherwise inaccessible to most researchers," Jeremy Porter, head of climate implications for and co-founder of First Street, a climate risk financial modeling firm, told CNN via email.
"Without it, replicating or extending damage trend analyses, especially at regional scales or across hazard types, is nearly impossible without significant funding or institutional access to commercial catastrophe models."
02:18 Trump To End Biden-Era High-Speed Internet Program
President Trump on Thursday attacked a law signed by President Joe Biden aimed at expanding high-speed internet access, calling the effort "racist" and "totally unconstitutional" and threatening to end it "immediately." The New York TimesL: Mr. Trump's statement was one of the starkest examples yet of his slash-and-burn approach to dismantling the legacy of his immediate predecessor in this term in office. The Digital Equity Act, a little-known effort to improve high-speed internet access in communities with poor access, was tucked into the $1 trillion bipartisan infrastructure bill that Mr. Biden signed into law early in his presidency.
The act was written to help many different groups, including veterans, older people and disabled and rural communities. But Mr. Trump, using the incendiary language that has been a trademark of his political career, denounced the law on Thursday for also seeking to improve internet access for ethnic and racial minorities, raging in a social media post that it amounted to providing "woke handouts based on race."
02:18 Alibaba's ZeroSearch Teaches AI To Search Without Search Engines, Cuts Training Costs By 88%
Alibaba Group researchers have developed "ZeroSearch," a technique that enables large language models to acquire search capabilities without using external search engines during training. The approach transforms LLMs into retrieval modules through supervised fine-tuning and employs a "curriculum-based rollout strategy" that gradually degrades generated document quality.
In tests across seven question-answering datasets, ZeroSearch matched or exceeded the performance [PDF] of models trained with real search engines. A 7B-parameter retrieval module achieved results comparable to Google Search, while a 14B-parameter version outperformed it. The cost savings are substantial: training with 64,000 search queries using Google Search via SerpAPI would cost approximately $586.70, compared to just $70.80 using a 14B-parameter simulation LLM on four A100 GPUs -- an 88% reduction.
The technique works with multiple model families including Qwen-2.5 and LLaMA-3.2. Researchers have released their code, datasets, and pre-trained models on GitHub and Hugging Face, potentially lowering barriers to entry for smaller AI companies developing sophisticated assistants.
02:13 Show HN: Req Update Check
Comments
02:13 A Brief History of Cursor's Tab-Completion
Comments
02:13 Prepare your apps for Google Play's 16 KB page size compatibility requirement
Comments
02:13 Gender characteristics of service robots can influence customer decisions
Comments
02:13 Newsreels from the UCLA Film and Television Archive
Comments
02:13 Show HN: OpenRouter Model Price Comparison
Comments
02:13 Podfox: First Container-Aware Browser
Comments
02:13 How the US Built 5k Ships in WWII
Comments
02:13 Phoenician culture spread mainly through cultural exchange
Comments
02:13 Gorilla study reveals complex pros and cons of friendship
Comments
02:13 Fui: C library for interacting with the framebuffer in a TTY context
Comments
Hide
23:18 Cloudflare CEO: AI Is Killing the Business Model of the Web
In a recent interview with the Council on Foreign Relations, Cloudflare CEO Matthew Prince warned that AI is breaking the economic model of the web by decoupling content creation from value, with platforms like Google and OpenAI increasingly providing answers without driving traffic to original sources. He argued that unless AI companies start compensating creators, the web's content ecosystem will collapse -- calling most current AI investment a "money fire" with only a small fraction holding long-term value. Search Engine Land reports: Google's value exchange with content creators has collapsed, Prince said: "Ten years ago... for every two pages of a website that Google scraped, they would send you one visitor. ... That was the trade. ... Now, it takes six pages scraped to get one visitor." That drop reflects the rise of zero-click searches, which happen when searchers get answers directly on Google's search page. "Today, 75 percent of the queries... get answered without you leaving Google." This trend, long criticized by publishers and SEOs, is part of a broader concern: AI companies are using original content to generate answers that rarely/never drive traffic back to creators.
AI makes the problem worse. Large language models (LLMs) are accelerating the crisis, Prince said. AI companies scrape far more content per user interaction than Google ever has -- with even less return to creators. "What do you think it is for OpenAI? 250 to one. What do you think it is for Anthropic? Six thousand to one." "More and more the answers... won't lead you to the original source, it will be some derivative of that source." This situation threatens the sustainability of the web as we know it, Prince said: "If content creators can't derive value... then they're not going to create original content."
The modern web is breaking. AI companies are aware of the problem, and the business model of the web can't survive unless there's some change, Prince said: "Sam Altman at OpenAI and others get that. But... he can't be the only one paying for content when everyone else gets it for free." Cloudflare's right in the middle of this problem -- it powers 80% of AI companies and a 20-30% of the web. Cloudfaire is now trying to figure out how to help fix what's broken, Prince said. AI = money fire. Prince is not against AI. However, he said he is skeptical of the investment frenzy. "I would guess that 99% of the money that people are spending on these projects today is just getting lit on fire. But 1% is going to be incredibly valuable." "And so maybe we've all got a light, you know, $100 on fire to find that $1 that matters." You can watch a recording of the interview and read the full transcript here.
23:18 Apple Is Planning Smart Glasses With and Without AR
According to Bloomberg's Mark Gurman, Apple has "made progress" on a chip for a product that could rival the Ray-Ban Meta smart glasses. The company is also reportedly working on glasses that use augmented reality. The Verge reports: The chip is apparently based on the chips Apple uses for the Apple Watch, though the company has removed parts and is being designed in such a way that it can handle the "multiple cameras" that the smart glasses might have, Bloomberg reports. Apple wants mass production of the chip to start by the end of 2026 or sometime in 2027, so the glasses themselves could come out within that timeframe. [...] Apple is developing chips for camera-equipped Apple Watch and Airpods as well, and the goal is for those chips to be ready "by around 2027," Bloomberg says. The company is also developing new M-series chips and dedicated AI server chips, per the report.
23:05 Trump just made it much harder to track the nation's worst weather disasters
US abruptly stops tracking costs of the most devastating storms.
23:05 DOGE software engineer's computer infected by info-stealing malware
The presence of credentials in leaked "stealer logs" indicates his device was infected.
23:05 Fidji Simo joins OpenAI as new CEO of Applications
Simo will oversee business operations while Altman focuses on research and compute.
23:05 AI use damages professional reputation, study suggests
New Duke study says workers judge others for AI useâand hide its use, fearing stigma.
23:05 A Soviet-era spacecraft built to land on Venus is falling to Earth instead
Kosmos 482 is encased in a titanium heat shield, with a good chance of reaching the surface intact.
23:05 New RSV vaccine, treatment linked to dramatic fall in baby hospitalizations
CDC study finds big declines in hospitalizationsâand they may be underestimates.
Hide
22:13 My stackoverflow question was closed so here's a blog post about CoreWCF
Comments
22:13 How to start a school with your friends
Comments
22:13 A Brief History of Cursor's Tab-Completion
Comments
22:13 Egyptologist uncovers hidden messages on Paris's iconic obelisk
Comments
22:13 Shape and topology morphing of closed surfaces integrating origami and kirigami
Comments
22:13 The second birth of JMW Turner
Comments
22:13 Why do LLMs have emergent properties?
Comments
22:13 Mathematical Problem Solving
Comments
22:13 Implementing State Machines in PostgreSQL (2017)
Comments
22:13 Static as a Server
Comments
22:13 A flat pricing subscription for Claude Code
Comments
22:13 The Rise and Fall of the Visual Telegraph (2017)
Comments
22:13 Block Diffusion: Interpolating Autoregressive and Diffusion Language Models
Comments
22:13 Stability by Design
Comments
22:13 From: Steve Jobs. "Great idea, thank you."
Comments
Hide
21:49 It does not matter how you ignore bug reports
was considered as a Bugzilla flag once..
The issue is about trying to find a better way to set expectations on things. There are a lot of packages in Fedora/Debian/etc and a much much smaller number of maintainers. Some bugs reported are very important to fix because they are breaking a common usage case. Many other bugs fall into a spectrum of breakage to annoyance or 'not a common usage'. Some set of bugs are 'I need technical support or read the manual' type bugs. In the end packagers who are mainly volunteers have to work out what the bug is and then try to figure out if they have the time and energy to fix it.
21:49 One, specific person's view...
That's a valid point, we're going to work on this. The article mostly focus on libraries that were already ported. The rustls experiment was made a year ago, and wasn't pursued by lack of time, but we will give feedback to the rustls project about it.
21:49 Cited comment source?
I'd be very interested to understand the other side of this argument.
21:49 Cited comment source?
I believe that it's in this mail from Russ Allbery - he says that the trained classifier is non-free (since the source data is non-free), but that doesn't make it immoral or bad. It also strongly implies that an untrained classifier can be DFSG-free, it's the result of combining a DFSG-free classifier with a non-free dataset that's non-free.
21:49 Debian lost sight of its users
21:49 UF
I remember it. User Friendly was often brilliant but often just weird (dust puppy / crud puppy? Cthulhu?), and the quality started dropping and at one point the author got caught plagiarizing from Metafilter comments. New comics stopped soon after that. Still, it was a pioneer. Deserves to be remembered. The Internet Archive seems to have a full archive.
21:49 "software" vs. "data"
Software (in compiled form) is a blob of data that tells a CPU what to do.
A set of (trained) weights is a blob of data that tells a Bayesian classifier (or an AI/ML model in general) what to do.
Software *is* data. For it to be capital-F "Free", users should be given access to the (human-readable) source material used to "compile" that data. IMO, focusing on "but this is software, and that other stuff is merely data, totally not the same thing" can be short sighted and lead to a significant curtailment of rights and freedoms we *should* (very much) care about.
Apologies should it turn out we're ultimately in violent agreement :)
21:49 "software" vs. "data"
21:49 "software" vs. "data"
21:49 D-Bus reviews
21:49 Some clarifications about awk and Essential
Also, I wonder if the essential package flag could be replaced by a metapackage ala build-essential. system-essential maybe? Then instead of having all packages depend on system-essential, make a new flag that means "doesn't need system-essential' - 'standalone' or 'core' or 'systemless' maybe - to denote packages that don't depend on system-essential. That said, I'm not a debian dev (I've just been using it since pre-1.0) so there's likely reasons that wouldn't work.
21:49 It does not matter how you ignore bug reports
21:49 Some clarifications about awk and Essential
21:49 Some clarifications about awk and Essential
I would vote against switching to another awk implementation with extreme prejudice in a Debian GR: mawk is IMHO the optimal choice: either keep it, or drop *awk* entirely (and I'd rather keep it, along with sed).
21:49 An idea for replacing the essential flag
21:49 It does not matter how you ignore bug reports
21:49 An idea for replacing the essential flag
21:49 One, specific person's view...
21:49 OpenSSL drop in replacements
The problem with OpenSSL "drop-in replacements" is that the OpenSSL API is an idiosyncratic mess. It has gotten marginally better since the 3.x branch was released, but in general, writing a TLS stack that offers a matching API is very likely to result in either impedance mismatches with a quality implementation (where parts of the API just don't work) or twisting up a quality TLS implementation to make it "shaped" more like OpenSSL internally.
Network protocol designers tend to think that they just need to develop wire formats and state machines for their protocols, and leave the APIs up to negotiation between implementers and consumers. But in reality, most applications that use any network protocol have very common and straightforward needs. Any network protocol designer who wants to encourage competitive interoperable implementations should also define a minimalist, stable API in addition to the wire formats and state machines. TLS has never done this.
Each implementer will of course extend any such minimalist API to be able to show off the additional benefits that their project can offer. But if the 95% of the applications that use the protocol can stick to the minimalist API that really does make it possible to do meaningful drop-in comparisons.
Too bad the OpenSSL API is not really fit for this kind of comparison, even with itself across versions.
21:49 Exciting
Postgres will need to move toward an asynchronous, parallel and (gasp) threaded architecture to survive long term. It's amazing that its single-threaded, blocking, synchronous design has been wrangled and tuned to perform so well for so long as it is.
21:49 It is a matter of principles
21:49 It is a matter of principles
I can't speak for our editors', but the representative for my district (along with 219 others) has wholeheartedly endorsed these policies, despite how they directly (and massively at that) screw over the overwhelming majority of her constituents. My senators (along with about 50 others) are even more complicit, as they voted to confirm the folks dismantling the governmental agencies they were placed in charge of.
> John Wick said it best: "Consequences".
You do understand that (1) John Wick is a fictional character, (2) those "Consequences" came in the form of a massive pile of dead bodies that were (3) somehow completely (and conveniently) ignored by every law enforcement agency world-wide?
Meanwhile, in the real world, when it comes to political violence, the body count consists nearly entirely of completely innocent people.
21:48 Delta Air Lines Class Action Cleared For Takeoff Over CrowdStrike Chaos
A federal judge has allowed key parts of a class action lawsuit against Delta Air Lines to proceed, stemming from massive flight disruptions caused by CrowdStrike's faulty Windows update in July 2024. The Register reports: Delta blamed its reliance on Microsoft software and the CrowdStrike incident for its woes. However, according to the plaintiffs in the action (PDF), both companies offered the airline assistance, which Delta turned down. Customers of the Atlanta-based carrier affected by the delays and cancellations claim they struggled to secure refunds and compensation from the airline. The plaintiffs allege that "although Delta offered reimbursement of eligible expenses through their website and app, Delta failed to clarify that the customer would only be receiving a partial reimbursement."
"Furthermore, Delta did not disclose to its customers that acceptance of the partial reimbursement would release any legal claims the customer may have against Delta until after the customer 'click[ed] on the button to accept the partial reimbursement.'" The action concerns both US domestic and international travel. The former is covered by US Department of Transportation rules, which require airline agents to "inform customers of their right to a refund ... before making an offer for alternative transportation, travel credits, vouchers, or other compensation in lieu of refunds."
The latter claims come under the Montreal Convention, which is designed to be a single, universal treaty to govern airline liability. Delta, which estimated its operational losses at around half a billion dollars due to the outage, sought to dismiss the complaint. While the US District Judge, Mark H. Cohen, granted the airline's motion to dismiss some of the claims, he permitted others to proceed. These were Count I (breach of contract based on failure to refund) and Count XII (violation of the Montreal Convention).
21:48 Linux Drops Support For 486 and Early Pentium Processors
An anonymous reader quotes a report from ZDNet: RIP, 486 processor. You've had a long run since Intel released you back in 1989. While Microsoft stopped supporting you with the release of Windows XP in 2001, Linux kept you alive and well for another 20+ years. But all good things must come to an end, and with the forthcoming release of the Linux 6.15 kernel, the 486 and the first Pentium processors will be sunsetted.
Why? Linus Torvalds wrote recently on the Linux Kernel Mailing List (LKML), "I really get the feeling that it's time to leave i486 support behind. There's zero real reason for anybody to waste one second of development effort on this kind of issue." Senior Linux kernel developer Ingo Molnar put Torvalds' remark into context, writing, "In the x86 architecture, we have various complicated hardware emulation facilities on x86-32 to support ancient 32-bit CPUs that very very few people are using with modern kernels. This compatibility glue is sometimes even causing problems that people spend time to resolve, which time could be spent on other things." "This will be the first time Linux has dropped support for a major chip family since 2012, when Linux stopped supporting the 386 family," notes ZDNet's Steven Vaughan-Nichols. "Moving forward, the minimum supported x86 CPU will now be the original Pentium (P5) or newer, requiring the presence of the Time Stamp Counter (TSC) and the CMPXCHG8B (CX8) instruction. These features are absent in the older 486 and early 586 processors, such as the IDT WinChip and AMD Elan families."
That said, you can continue running Linux on Pentium CPUs, but you'll have to "run museum kernels," as Torvalds pointed out in 2022 when he first floated the idea of ending support for 486.
20:18 Microsoft Effectively Raises High-End Surface Prices By Discontinuing Base Models
An anonymous reader shares a report: When Microsoft announced new Surface devices earlier this week, we noted that there wasn't a lot of daylight between the starting prices of the new but lower-end devices ($799 for the 12-inch Surface Pro, $899 for the 13-inch Surface Laptop) and the starting prices of the older-but-higher-end Surfaces from last spring ($999 for both). It appears Microsoft has quietly solved this problem by discontinuing the 256GB versions of the 13.8-inch Surface Laptop 7 and the 13-inch Surface Pro 11.
Microsoft's retail pages for both devices list only 512GB and 1TB configurations, with regular prices starting at $1,199. Though not technically a price hike -- the 512GB versions of both devices also cost $1,199 before -- it does amount to an effective price increase for last year's Surface hardware, especially given that both devices have user-replaceable storage that can easily be upgraded for less than the $200 that Microsoft charged for the 256GB-to-512GB upgrade.
The upshot is that the new Surface PCs make more sense now than they did on Tuesday in relative terms, but it's only because you'll pay more to buy a Surface Pro 11 or Surface Laptop 7 than you would before. The 15-inch version of the Surface Laptop 7 still lists a 256GB configuration and a $1,299 starting price, but the 256GB models are currently out of stock.
20:18 Senate Passes 'Cruel' Republican Plan To Block Wi-Fi Hotspots For Schoolkids
An anonymous reader quotes a report from Ars Technica: The US Senate today voted along party lines to kill a Federal Communications Commission program to distribute Wi-Fi hotspots to schoolchildren, with Democrats saying the Republican-led vote will make it harder for kids without reliable Internet access to complete their homework. The Senate approved a Congressional Review Act (CRA) resolution to nullify the hotspot rule, which was issued by the Federal Communications Commission in July 2024 under then-Chairwoman Jessica Rosenworcel. The program would be eliminated if the House version passes and President Trump signs the joint resolution of disapproval.
The Rosenworcel FCC's rule expanded E-Rate, a Universal Service Fund program, allowing schools and libraries to use E-Rate funding to lend out Wi-Fi hotspots and services that could be used off-premises. The FCC rule was titled, "Addressing the Homework Gap through the E-Rate Program," and the hotspot lending program was scheduled to begin in funding year 2025, which starts in July 2025. Today's Senate vote on the resolution of disapproval was 50-38. There was a 53-47 vote on Tuesday that allowed the Senate measure to proceed to the final step. Sen. Richard Blumenthal (D-Conn.) said on Tuesday that "this resolution would prevent millions of students, educators, and families from getting online." Sen. Edward Markey (D-Mass.) called the Republican move "a cruel and shortsighted decision that will widen the digital divide and rob kids of the tools they need to succeed."
20:18 Maintainer of Linux Distro AnduinOS Revealed to Be Microsoft Employee
After gaining attention from Neowin and DistroWatch last week, the sole maintainer behind AnduinOS 1.3 -- a Linux distribution styled to resemble Windows 11 -- decided to reveal himself. He turns out to be Anduin Xue, a Microsoft software engineer, who has been working on the project as a personal, non-commercial endeavor built on Ubuntu. Neowin reports: As a Software Engineer 2 at Microsoft (he doesn't work on Windows), Anduin Xue says he's financially stable and sees no need to commercialize AnduinOS. Explaining the financial aspects of the project, he said: "Many have asked why I don't accept donations, how I profit, and if I plan to commercialize AnduinOS. Truthfully, I haven't thoroughly considered these issues. It's not my main job, and I don't plan to rely on it for a living. Each month, I dedicate only a few hours to maintaining it. Perhaps in the future, I might consider providing enterprise solutions based on AnduinOS, but I won't compromise its original simplicity. It has always been about providing myself with a comfortably themed Ubuntu."
In our coverage of the AnduinOS 1.3 release last week, one commenter pointed out that the distro is from China. For some, this will raise issues, but Anduin Xue addressed this in his blog post, too, saying that the source code is available to the public. For this reason, he told lacing the operating system with backdoors for the Chinese government would be "irrational and easily exposed." For those worried that the distribution may be abandoned, Anduin Xue said that he intends to continue supporting it and may even maintain it full-time if sponsorship or corporate cooperation emerges.
18:48 Judge Dismisses Most Charges Against FTX's Celebrity Boosters
A Florida federal judge has dismissed the majority of claims against celebrities who endorsed Sam Bankman-Fried's now-collapsed cryptocurrency exchange FTX. Judge K. Michael Moore ruled that investors failed to demonstrate the high-profile endorsers -- including Tom Brady, Gisele Bundchen, Kevin O'Leary, Larry David, Shohei Ohtani, and Stephen Curry -- knew about FTX's fraudulent activities.
In his ruling, Moore wrote that while the celebrity endorsers may have been "uninformed, negligent, or even reckless," plaintiffs didn't adequately establish that defendants had "knowledge of FTX's fraud" or "the requisite intent to deceive and defraud investors."
18:15 Elon Musk is responsible for âkilling the world's poorest children,â says Bill Gates
"The picture of the world's richest man killing the world's poorest children is not a pretty one."
18:15 USPTO refuses Tesla Robotaxi trademark as âmerely descriptiveâ
According to CEO Elon Musk, Tesla's future rests on the two-seat driverless pod.
18:15 Trump admin to roll back Biden's AI chip restrictions
Officials call previous framework "unenforceable" as May 15 deadline looms.
18:15 Belief in fake news linked to problematic social media use
People with high score on problematic social media use are more likely to like and share fake news.
18:15 Apple: âHundreds of millions to billionsâ lost without App Store commissions
Argues that recent "extraordinary Order" is punishment, not based on findings.
18:15 Google hits back after Apple exec says AI is hurting search
Google doesn't think Eddie Cue is right about search.
18:15 Trump's NIH ignored court order, cut research grants anyway
Officials testified that DOGE was directly involved in hundreds of grant terminations.
18:15 Microsoft effectively raises high-end Surface prices by discontinuing base models
Discontinuation of 256GB models gives older Surface PCs an effective price hike.
18:15 Report: DOGE supercharges mass-layoff software, renames it to sound less dystopian
Report: DOGE software automates layoffs, slashing biggest agencies in a blink.
18:15 Senate passes âcruelâ Republican plan to block Wi-Fi hotspots for schoolkids
Senate vote nullifies FCC hotspot-lending program for kids without broadband.
Hide
18:13 UK rolls out passkeys across Gov.uk services
Comments
18:13 Microservices are a tax your startup probably can't afford
Comments
18:13 Imagineers defend new Walt Disney robot
Comments
18:13 Brokk: AI for Large Codebases
Comments
18:13 More people are getting tattoos removed
Comments
18:13 Hypermode Model Router Preview - OpenRouter Alternative
Comments
18:13 AI focused on brain regions recreates what you're looking at (2024)
Comments
18:13 Show HN: Checking Pope's election results with smoke test script for chimney
Comments
18:13 My new deadline: 20 years to give away virtually all my wealth
Comments
18:13 When Abandoned Mines Collapse
Comments
18:13 Google to back three new nuclear projects
Comments
18:13 First American pope elected and will be known as Pope Leo XIV
Comments
18:13 Using Coalton to implement a quantum compiler (2022)
Comments
18:13 Ciro (YC S22) is hiring a software engineer to build AI agents for sales
Comments
18:13 Notes on rolling out Cursor and Claude Code
Comments
18:13 Show HN: Using eBPF to see through encryption without a proxy
Comments
18:13 Progress toward fusion energy gain as measured against the Lawson criteria
Comments
18:13 Reservoir Sampling
Comments
18:13 Chicago native Cardinal Prevost elected pope, takes name Leo XIV
Comments
17:40 Home Assistant 2025.5 released
Version
2025.5 of the Home Assistant home automation system has been released.
With this release, the project is celebrating two million active
installations. Changes include improvements to the backup system, Z-Wave
Long Range support, a number of new integrations, and more.
17:40 [$] LWN.net Weekly Edition for May 8, 2025
Inside this week's LWN.net Weekly Edition:
17:40 Fittl: Waiting for Postgres 18: Accelerating Disk Reads with Asynchronous I/O
Lukas Fittl writes in detail
on the pganalyze blog about the asynchronous I/O capability coming with the
PostgreSQL 18 release.
Asynchronous I/O delivers the most noticeable gains in cloud environments where storage is network-attached, such as Amazon EBS volumes. In these setups, individual disk reads often take multiple milliseconds, introducing substantial latency compared to local SSDs.With traditional synchronous I/O, each of these reads blocks query execution until the data arrives, leading to idle CPU time and degraded throughput. By contrast, asynchronous I/O allows Postgres to issue multiple read requests in parallel and continue processing while waiting for results. This reduces query latency and enables much more efficient use of available I/O bandwidth and CPU cycles.
17:40 Security updates for Thursday
Security updates have been issued by Debian (chromium, libapache2-mod-auth-openidc, mariadb-10.5, and openssh), Red Hat (osbuild-composer), Slackware (mariadb), SUSE (apache2-mod_auth_openidc, glib2, ImageMagick, libsoup, libsoup2, libva, openvpn, sqlite3, and weblate), and Ubuntu (libsoup3, php-horde-css-parser, and python-django).
Hide
17:40 One UI 8 Watch will get a Shortcuts app, and here's what it does (APK teardown)
Why visit the app drawer when you can launch apps from your watch's home screen?
17:40 Samsung is bringing One UI 7's âNow Bar' and âNow Brief' to Galaxy Watches (APK teardown)
One UI 8 Watch is shaping up to be quite a feature-packed update.
17:40 Hate One UI 7's split notification panel? Here's how to switch back.
Samsung offers separate notification and quick setting panels in One UI 7. Here's how to switch back to the old style.
17:40 New Circle to Search layouts spotted, and Google's already pushing one live
One of the UIs has a rectangular box with unmarked buttons, while the other uses a two-row layout.
17:40 Google Maps just gained a cool new trick, but not on Android
The previously announced screenshot-reading feature has started rolling out to Google Maps on iOS.
17:40 Samsung is working on a badly needed battery-extending feature for Galaxy Watches (APK teardown)
Limiting the charge of a Galaxy Watch to a certain threshold can prolong your battery.
17:40 Samsung's working on a way to keep your Galaxy Watch always looking new (APK teardown)
Why stick with the same old watch face day after day?
17:40 Get ready â Samsung's first One UI 8 beta could be right around the corner
Instead of June, the first One UI 8 beta is now expected later this month!
17:40 More ways to pay? ChatGPT may be exploring weekly and lifetime subscriptions (APK teardown)
A weekly plan would definitely be appreciated by many people, but a lifetime plan sounds too much of a stretch.
17:40 This 4K Google TV box could take the market by storm with its incredibly affordable price
Walmart's Onn 4K Plus Google TV box could launch soon for under $30.
17:40 Just downloaded One UI 7? Here are two settings to change immediately
A couple of quick fixes make One UI 7 significantly better.
17:40 This is the one feature I really want to see on Samsung's high-end phones
It's time for the company to improve its charging speeds significantly.
17:40 Gemini's vs ChatGPT's Deep Research: For me, the choice is clear
I have a favorite, although neither of them is perfect.
17:40 Uneven battery drain killing your Nothing Ear earbuds? You're not alone
Several Nothing Ear users are facing an unusual battery-related issue with their earbuds.
17:40 WHOOP 5.0: The best screenless fitness tracker just got a successor
Distraction free health tracking is more powerful than ever.
17:40 Pixel users say Google's image processing is ruining shots. Are you affected?
Many users are complaining about the mismatch between the camera viewfinder preview and the image output.
17:40 Google Drive's floating action button may soon look like it should have all along (APK teardown)
Google Drive is making a welcomed change to the FAB on Android.
17:40 Samsung is rushing to make more Galaxy S25s, and you can guess why
The 800,000-unit increase mostly relates to the high-end Galaxy S25 Ultra model.
17:40 Google Play preps a better way to keep track of download progress (APK teardown)
An improved download progress notification is currently in the works.
17:40 Pre-order your new Moto Razr now and go all âRazrBerry' with this free accessory
This fantastic pre-order bundle just 'clicks.'
17:40 Chrome for Android will soon warn you against scam notifications
Chrome for Android is gaining the ability to detect malicious web notifications.
17:40 Nintendo Switch 2 motherboard leak shows off what's hiding under the hood
The leak answers lingering questions about performance.
Hide
17:18 Plastics Industry Pushed 'Advanced Recycling' Despite Knowing Problems
Plastic producers have pushed "advanced recycling" as a salve to the plastic waste crisis despite knowing for years that it is not a technically or economically feasible solution, a new report argues. The Guardian: Advanced recycling, also known as chemical recycling, refers to a variety of processes used to break plastics into their constituent molecules. The industry has increasingly promoted these technologies, as public concern about the environmental and health effects of plastic pollution has grown. Yet the rollout of these technologies has been plagued by problems, according to a new analysis from the Center for Climate Integrity (CCI), a fossil-fuel accountability advocacy group.
"The companies make it sound like it's pretty great, like it's something we should pursue," said Davis Allen, investigative researcher at the CCI and author of the report. "But they know the problems, the limitations." The new analysis follows a 2024 CCI report which alleged that plastic producers concealed the problems with traditional recycling, and argued that they could face legal ramifications for doing so. That earlier research was cited in a September lawsuit filed by California's attorney general, Rob Bonta, against ExxonMobil for its role in the plastic pollution crisis. "The new report focuses on this modern deception with advanced recycling, which has become a real focus for the industry in recent years," said Davis.
17:18 Wikipedia Legally Challenges UK's 'Flawed' Online Safety Rules
Wikipedia is taking legal action against the UK's new Online Safety Act regulations it says could threaten the safety of its volunteer editors and their ability to keep harmful content off the site. From a report: The Wikimedia Foundation -- the non-profit which supports the online encyclopaedia -- is seeking a judicial review of rules which could mean Wikipedia is subjected to the toughest duties required of websites under the act.
Lead counsel Phil Bradley-Schmieg said it was "unfortunate that we must now defend the privacy and safety of Wikipedia's volunteer editors from flawed legislation." The government told the BBC it was committed to implementing the act but could not comment on ongoing legal proceedings. It's thought this is the first judicial review to be brought against the new online safety laws - albeit a narrow part of them - but experts say it may not be the last.
"The Online Safety Act is vast in scope and incredibly complex," Ben Packer, a partner at law firm Linklaters, told the BBC. The law would inevitably have impacts on UK citizens' freedom of expression and other human rights, so as more of it comes into force "we can expect that more challenges may be forthcoming," he told the BBC.
15:48 Switzerland To Hold Referendum on Introducing Electronic ID
Switzerland will hold a national referendum on the introduction of electronic identity cards after opponents of the legislation secured enough signatures to force a public vote. The Federal Chancellery confirmed Wednesday that 55,344 valid signatures were submitted against the Federal Act on Electronic Identity passed last December.
The proposed e-ID would enable citizens to apply online for criminal record extracts, driving licenses, and age verification when purchasing alcohol. This marks the second referendum on e-ID implementation, after voters rejected a previous version in 2021. The government has revised its approach, making the new system free, optional, and fully state-operated rather than privately managed. If approved, the e-ID would come into force no earlier than 2026, though the collection effort suggests privacy concerns remain paramount for many Swiss voters.
15:48 Apple Asks Court To Halt App Store Rule Changes While It Appeals
Apple asked a judge to halt an order forcing it to give up control over App Store payments while it appeals the decision. From a report: In a filing on Wednesday, Apple says the order contains "extraordinary intrusions" that could result in "grave irreparable harm" to the company. Last week, California District Court Judge Yvonne Gonzalez Rogers found that Apple was in "willful violation" of a 2021 injunction issued as part of the Epic Games v. Apple case.
As a result, the judge ordered Apple to stop collecting an up to 27 percent commission on purchases made outside the App Store, and said the company can no longer restrict how developers point users toward external purchases.
14:18 Ghost Students Are Creating an 'Agonizing' Problem For California Colleges
An anonymous reader quotes a report from SFGATE: When the pandemic upended the world of higher education, Robin Pugh, a professor at City College of San Francisco, began to see one puzzling problem in her online courses: Not everyone was a real student. Of the 40 students enrolled in her popular introduction to real estate course, Pugh said she'd normally drop three to five from her roster who don't start the course or make contact with her at the start of the semester. But during the current spring semester, Pugh said that number more than doubled when she had to cut 11 students. It's a strange new reality that has left her baffled. "It's really unclear to me, and beyond the scope of my knowledge, how this is really happening," she said. "Is it organized crime? Is it something else? Everybody has lots of theories."
Some of the disengaged students in Pugh's courses are what administrators and cybersecurity experts say are "ghost students," and they've been a growing problem for community colleges, particularly since the shift to online instruction during the pandemic. These "ghost students" are artificially intelligent agents or bots that pose as real students in order to steal millions of dollars of financial aid that could otherwise go to actual humans. And as colleges grapple with the problem, Pugh and her colleagues have been tasked with a new and "frustrating" task of weeding out these bots and trying to decide who's a real person.
The process, she said, takes her focus off teaching the real students. "I am very intentional about having individualized interaction with all of my students as early as possible," Pugh said. "That included making phone calls to people, sending email messages, just a lot of reaching out individually to find out 'Are you just overwhelmed at work and haven't gotten around to starting the class yet? Or are you not a real person?'" Financial aid fraud is not new, but it's been on the rise in California's community colleges, Cal Matters reported, with scammers stealing more than $10 million in 2024, more than double the amount in 2023.
Wendy Brill-Wynkoop, the president of the Faculty Association of California Community Colleges and a professor at College of the Canyons in Santa Clarita, said the bots have been enrolling in courses since around early 2021.
"It's been going on for quite some time," she said. "I think the reason that you're hearing more about it is that it's getting harder and harder to combat or to deal with." A spokesperson for the California Community Colleges Chancellor's Office estimates that 0.21% of the system's financial aid was fraudulently disbursed. However, the office was unable to estimate the percentage of fraudulent attempts attributed to bots.
14:18 Zuckerberg's Grand Vision: Most of Your Friends Will Be AI
Meta CEO Mark Zuckerberg is aggressively promoting a future where AI becomes the dominant form of social interaction, claiming that AI friends, therapists, and business agents will soon outnumber human relationships. During a recent media blitz across multiple podcasts and a Stripe conference appearance, Zuckerberg cited statistics suggesting "the average American has fewer than three friends" while claiming people desire "meaningfully more, like 15 friends" -- positioning AI companions as the solution to this gap.
The Meta founder's vision extends beyond casual interaction to therapeutic and commercial relationships, with personalized AI that "has a deep understanding of what's going on in this person's life." Meta has already deployed its AI across Instagram, Facebook, and Ray-Ban smart glasses, reaching nearly a billion monthly users.
14:13 Bridging the gap between keyword and semantic search with SPLADE (2024)
Comments
14:13 Engineered adipocytes implantation suppresses tumor progression in cancer models
Comments
14:13 Wellness influencer with no medical license proposed for US Surgeon General
Comments
14:13 Ask HN: What are good high information density UIs (screenshots, apps, sites)
Comments
14:13 Artifact (YC W25) Is Hiring
Comments
14:13 Will protein design tools solve the snake antivenom shortage?
Comments
14:13 How Obama's BlackBerry got secured (2013)
Comments
14:13 Yes, the Apple II MouseCard IRQ Is Synced to the VBL
Comments
14:13 How to Harden GitHub Actions: The Unofficial Guide
Comments
14:13 Using NASA's SMAP satellite to detect L-band interference
Comments
Hide
11:49 Why two shells?
I guess I should go look up the debian developers list thread but I'm still uncertain why anybody wants to run a Debian that's slimmed down to the point where the existence of awk is being questioned (which is even POSIX-standard-though I realize that it is not the measure of a container image).
Indeed, why not run alpine or something that maybe is just a kernel, musl, and busybox, unless you are going to apt-get install a bunch of stuff that is probably going to bring a lot more dead weight than awk along for the ride?
But maybe i am just showing my partiality towards awk, inasmuch as i don't consider it to be just so much more dead weight (probably because of my age and thinking that UNIX is defined by having the "toolkit" available to deploy from the shell, with "grepping, sedding, and a little awking," as Stan Kelly-Bootle's book put it, and getting to know Debian when the measure of a Linux installation was whether it was a viable replacement for a UNIX installation, not whether it something you could strip down to provide a libc or glibc interface to a running kernel and nothing else and let some language runtime handle the rest).
(Hmm. I did not think this was going in the direction of me having to crawl back into the fossilized shell I crawled out of but i guess i better do that now.)
11:49 Why two shells?
The above is slightly hyperbolic because it ignores the invaluable work done by Ben Hutchings on the Debian (Linux) kernel and also of the glibc package maintainers (whom i do not, i'm ashamed to say, know by name), of course, as they provide much "value-add" and integration work.
11:49 An idea for replacing the essential flag
When you look at Build-Depends there is the build-essential package and all packages which build-essential depends on are not mentioned in the Build-Depends field, correct? Why just not doing the same with a new package named essential and the Depends field? Changing sets of essential packages could then be modeled by with a versioned explicit depedency on the new metapackage "essential". I guess that would be also a good idea because its not marked in packages for which Debian version (i.e. for which version of the set of essential packages) they will be build for. Such a thing can not really well be done by a simple "Essential" marker.
Another use case which could elegantly solved would be the install of crossbuild toolchains. To install a crossbuild toolchain right now you have to install crossbuild-essential-
Another use case would be preventing removal of essential packages by apt. Just stop and warn if the essental metapackage would be removed which would be the case if one of the packages in the essential set is about to be removed.
Another use case would be the generation of a reprepro mirror list for dependencies of a package. Just add all dependencies of the package + essential and its dependencies.
And I think there are some more.
What do you think about?
A bit OT: But i think that also on other places metapackages should be used to replace other mechanism of package lists, like debootstrap variants (minbase -> all essentials, chroot -> all essential + some other...?), like tasksel (what packages are really contained in task ssh server?). I remember things like this were really hard to find out when i was once a beginner.
. With a multiarch essential package it would always be crossbuild-essential-
11:49 One, specific person's view...
The first block of the page.
The remaining article explicitly mentions LTS. For various reasons, especially distribution support / packaging.
TLS is one of those things where "might not work as expected" or "still experimental" isn't gonna work - it has to work properly or its pretty much useless.
Thats exactly what HeartBleed, Poodle and all the other security issues have proven countless times.
Article is specific for HAProxy, yes - as mentioned in the first block, it was written for internal use and *generously* shared to the public.
Critic is fine, but imho a lot of points mentioned here don't apply if one would read the article before writing.
11:49 Why two shells?
Ah, who remembers this classic? (Sadly the original URL seems to have disappeared)
11:49 Duplicate story?
11:49 One, specific person's view...
Note that they included OpenSSL 3.4-dev, which was a snapshot of the latest available OpenSSL at the time they wrote the article.
In other words, they didn't ignore the past four years - indeed, you can see that code in the various graphs. What they did do was a lot of effort explaining why various library versions behaved the way they did - for example, looking at locking in OpenSSL 3.0, and at C compiler flags affecting AWS-LC (and also identifying a bug in older AWS-LC versions that affected performance on Amazon Graviton CPUs).
About the only thing that's missing that'd have been nice to see is a quick summary of what's missing from rustls-openssl-compat for their use case; basically enough to fill in the issue for haproxy compatibility.
11:49 Sounds great
11:49 It does not matter how you ignore bug reports
Not dealing with bug reports because you will never find time for it, or closing it as wontfix for the same reason tells me as bug reporter not to report bugs. The benefit is that you will not have to ignore so many bug reports, but the drawback is that you will still have the bugs. Maybe a better approach is to close the bug tracker; that prevents bug reporters unaware of the lack of maintenance manpower from wasting their time.
IMO closing as wontfix is only acceptable when the bug has been considered and the maintainer has decided that fixing the bug would have worse consequences than not fixing it.
Hide
11:18 Figma's Big AI Update Takes On Adobe, WordPress, and Canva
At its Config 2025 event on Wednesday, Figma unveiled four new AI-powered tools -- Sites, Make, Buzz, and Draw, positioning itself as a full-stack design platform to rival Adobe, WordPress, and Canva. These tools enable users to build websites, generate code, create marketing content, and design vector graphics without leaving the Figma ecosystem. The Verge reports: Figma's first solution is Figma Sites, a website builder that integrates with Figma Design and allows creators to turn their projects into live, functional sites. Figma Sites provides presets for layouts, blocks, templates, and interactions that aim to make building websites less complex and time-consuming. Additional components like custom animations can also be added either using existing code or by prompting Site's AI tool to generate new interaction codes via text descriptions, such as "animate the text to fall into place like a feather." Figma Sites is rolling out in beta for users with full seat access to Figma products. Figma says that AI code generation will be available "in the coming weeks," and that a CMS that allows designers to manage site content will be launched "later this year."
Figma Make is Figma's take on AI coding tools like Google's Gemini Code Assist and Microsoft's GitHub Copilot. The prompt-to-code Figma Make tool is powered by Anthropic's Claude 3.7 model and can build working prototypes and apps based on descriptions or existing designs, such as creating a functional music player that displays a disc that spins when new tracks are played. Specific elements of working design, like text formatting and font style, can be manually edited or adjusted using additional AI prompts. Make is rolling out in beta for full seat Figma users. Figma says it's "exploring integrations with third parties and design systems" for Figma Make and may apply the tool to other apps within its design platform.
Figma Buzz is a marketing-focused design app that's rolling out in beta to all users, and makes it easier for teams to publish brand content, similar to Canva's product design platform. The tool allows Figma designers to create brand-approved templates, styles, and assets that can be used by marketers to quickly assemble emails, social media posts, advertising, and more. Figma Buzz includes generative AI tools for making and editing images using text prompts, and can source information from spreadsheets to bulk create thousands of image assets at once.
Lastly, the Figma Draw vector design app is like a simplified version of Adobe Illustrator that creatives can use to make custom visuals without leaving the Figma platform. It includes a variety of brushes, texture effects, and vector editing tools to create or adjust scalable images and logos for product design projects. Figma Draw is generally available now for full seat users as a toggle in Figma Design, with some features accessible in Sites, Slides, and Buzz. It's not quite as expansive as Adobe's wider Creative Cloud ecosystem, but Figma Draw places the two companies in direct competition for the first time since Adobe killed its own XD product design platform. It also brings some new options to the creative software industry after Adobe failed to acquire Figma for $20 billion due to pressure from competition regulators.
10:13 Extending a Language - Writing Powerful Macros in Scheme
Comments
10:13 Secret Messages Detected on Egyptian Obelisk in Paris
Comments
10:13 Thunder Compute (YC S24) Is Hiring a C++ Low-Latency Systems Developer
Comments
10:13 Heat stress mitigation by trees and shelters at bus stops
Comments
10:13 I can't understand Apple's Critical Alert policy
Comments
10:13 Mass spectrometry method identifies pathogens within minutes instead of days
Comments
Hide
08:18 Dangerous Fungal Spores May Travel the Globe On 'Stratospheric Superhighway'
sciencehabit shares a repot from Science.org: Scientists have captured fungal spores cruising in the inhospitable environment of the stratosphere, much higher than commercial aircraft fly. When brought back to the lab, the researchers found that some of the spores -- including pathogens of plants and people -- had survived intercontinental trips and could be cultured in the lab. Although spores and microbes have been detected in the stratosphere before, the new results come from a cheap, homespun sampling device dangled from weather balloons, the project could help researchers figure out what traits and conditions allow spores to survive a swing through the stratosphere and how they get up there in the first place. The work could also be a first step towards an atmospheric monitoring system that could nip emerging fungal pathogens in the bud, the study's authors reported at a conference of the European Geophysical Union.
After five preliminary flights, the team has already learned a lot. Based on DNA sequencing analysis, they identified spores from 235 genera, including fungi that infect blackberries and carrots in the United States and Japan, and one species, Naganishia albida, that can make immunocompromised people sick. In the lab, they were able to revive and culture spores from 15 different fungal species, among them several plant pathogens. Mostly, the results show that their sampler works. Now, the researchers want to set up regular flights to track airborne fungal biodiversity and seasonal variations. They also want to identify how events such as wildfires or volcanic eruptions inject spores into the stratosphere.
06:48 AI of Dead Arizona Road Rage Victim Addresses Killer In Court
An anonymous reader quotes a report from The Guardian: Chris Pelkey was killed in a road rage shooting in Chandler, Arizona, in 2021. Three and a half years later, Pelkey appeared in an Arizona court to address his killer. Sort of. "To Gabriel Horcasitas, the man who shot me, it is a shame we encountered each other that day in those circumstances," says a video recording of Pelkey. "In another life, we probably could have been friends. I believe in forgiveness, and a God who forgives. I always have, and I still do," Pelkey continues, wearing a grey baseball cap and sporting the same thick red and brown beard he wore in life.
Pelkey was 37 years old, devoutly religious and an army combat veteran. Horcasitas shot Pelkey at a red light in 2021 after Pelkey exited his vehicle and walked back towards Horcasitas's car. Pelkey's appearance from beyond the grave was made possible by artificial intelligence in what could be the first use of AI to deliver a victim impact statement. Stacey Wales, Pelkey's sister, told local outlet ABC-15 that she had a recurring thought when gathering more than 40 impact statements from Chris's family and friends. "All I kept coming back to was, what would Chris say?" Wales said. [...]
Wales and her husband fed an AI model videos and audio of Pelkey to try to come up with a rendering that would match the sentiments and thoughts of a still-alive Pelkey, something that Wales compared with a "Frankenstein of love" to local outlet Fox 10. Judge Todd Lang responded positively to the AI usage. Lang ultimately sentenced Horcasitas to 10 and a half years in prison on manslaughter charges. "I loved that AI, thank you for that. As angry as you are, as justifiably angry as the family is, I heard the forgiveness," Lang said. "I feel that that was genuine." Also in favor was Pelkey's brother John, who said that he felt "waves of healing" from seeing his brother's face, and believes that Chris would have forgiven his killer. "That was the man I knew," John said.
06:13 Wikidive - AI guided rabbitholes in Wikipedia
Comments
06:13 Bootstrapping Lisp in a Boot Sector
Comments
06:13 Gmail will soon stop support for the 3DES encryption cipher for incoming SMTP
Comments
06:13 Ask HN: How much better are AI IDEs vs. copy pasting into chat apps?
Comments
06:13 Ancient DNA from the green Sahara reveals ancestral North African lineage
Comments
06:13 Mycoria is an open and secure overlay network that connects all participants
Comments
06:13 Docs like code in basic terms
Comments
06:13 Why Intel Deprecated SGX?
Comments
06:13 Inheritance was invented as a performance hack (2021)
Comments
06:13 How linear regression works intuitively and how it leads to gradient descent
Comments
Hide
05:40 Setting up your smart home could be a lot easier next time around, thanks to new Matter update
From mutli-device QR codes, to NFC support, Matter 1.4.1 is out to tackle setup headaches.
05:40 Garmin users should start bracing for more subscription-only features
Expect Garmin to start hiding more future features behind its paywall.
05:40 NVIDIA follows up last month's Shield TV hotfix with an update that won't break your apps
Available now for all Shield TV and Shield TV Pro hardware.
05:40 Deal: This 8BitDo Retro Mechanical Keyboard is on sale, but only today!
Become the envy of all your gamer friends with this 8BitDo Retro Mechanical Keyboard!
05:40 It's official: Samsung to unveil Galaxy S25 Edge at May 12 Unpacked event
US customers can secure $50 Samsung Credit by reserving the Galaxy S25 Edge before the launch.
05:40 The Narwal Freo Z Ultra robot vacuum is at an all-time low price today, and it's our favorite!
Keep your floors truly clean without touching a broom or mop!
05:40 Google improves the Gemini experience on the iPad with a native app
The iPad is finally getting a proper Gemini experience.
05:40 Spotify just dropped meaningful new features for both Premium and free users
New Spotify features let you customize playlists, hide songs for longer, collaborate with ease, and more.
Hide
03:48 Google Refutes Apple's Claims of Search Traffic Decline
Google has pushed back against Apple executive Eddy Cue's testimony that Safari searches declined last month, asserting it continues "to see overall query growth in Search" with "an increase in total queries coming from Apple's devices and platforms."
The statement comes as Apple's Senior VP revealed under oath that the company is "actively looking at" revamping Safari to focus on AI-powered search engines, potentially threatening the estimated $20 billion-a-year deal making Google the default search provider on Apple devices.
Cue testified that AI search providers including OpenAI, Perplexity, and Anthropic will "eventually replace standard search engines." Google, in its response, pointed to ongoing enhancements to its search product, noting users are "accessing it for new things and in new ways, whether from browsers or the Google app, using their voice or Google Lens."
03:45 WhatsApp provides no cryptographic management for group messages
The weakness creates the possibility of an insider or hacker adding rogue members.
Hide
02:13 Ghost students are creating problems for California colleges
Comments
02:13 Luna Parc Home and Studio
Comments
02:13 A new hairlike electrode for long-term, high-quality EEG monitoring
Comments
02:13 Show HN: Ductape - Build back end integrations once, reuse them anywhere
Comments
02:13 Bell's 1881 Metal detector
Comments
02:13 Parametric Modeling with Grasshopper
Comments
02:13 NSA spied through Angry Birds, other apps: report (2014)
Comments
02:13 Foundation DB Record Layer SQL API
Comments
02:13 Examining problematic speech and behavior in World of Warcraft (2022)
Comments
02:13 June Huh dropped out to become a poet, now he's won a Fields Medal (2022)
Comments
02:13 Show HN: US Routing - Python library for fast local routing in the United States
Comments
02:13 Yggdrasil is an experimental compact routing scheme that is fully decentralised
Comments