Google Revives Web Gatekeeping Fears!

US will start revoking passports for parents who owe child support

Key Points

• The State Department will revoke passports of parents owing more than $2,500 in unpaid child support.
• The policy expands prior enforcement that mainly affected passport renewals.
• States have collected about $657 million in arrears through the program since 1998.

Digging into Drama at the Document Foundation

Key Points

• TDF removed membership from about 30 Collabora-affiliated contributors.
• Collabora said it would reduce LibreOffice involvement and focus on a new Collabora Office project.
• The article explains that TDF membership governs voting and leadership rights, not the ability to contribute code.

Inventing Cyrillic

Key Points

• Cyrillic is presented as both a widely used alphabet and a state-backed symbol of Slavic culture and identity.
• The article says modern celebrations of Cyril and Methodius reflect political narratives as well as respect for literacy.
• It argues that the alphabet's spread was driven by elite interests and historical contingencies rather than broad immediate empowerment.

Rumors of my death are slightly exaggerated

Key Points

• Cliff Stoll said an AI-generated Facebook review falsely claimed he died in May 2024.
• He discovered the rumor after receiving emails asking whether his Klein bottle business was still operating.
• The article presents the incident as an example of AI hallucinations spreading fabricated information on social media.

GPT-5.5 Price Increase: What It Costs

Key Points

• GPT-5.5 doubled listed token pricing versus GPT-5.4, but real-world cost increases were measured at 49% to 92%.
• Completion lengths dropped by 19% to 34% only for prompts above 10K tokens; shorter prompts did not benefit.
• The analysis used OpenRouter switcher-cohort data and normalized costs per million OpenRouter tokens for direct comparison.

HantaWatch Real time hantavirus outbreak tracker

Key Points

• Confirmed Andes virus with human-to-human transmission is the central update.
• The UK tracker total includes a third suspected case, described as a third Briton added.
• HantaWatch lists 9+ total cases, 5 lab-confirmed cases, 4+ suspected cases, and 3 deaths.

ClojureScript Gets Async/Await

Key Points

• ClojureScript 1.12.145 adds native async/await support through the `^:async` hint.
• The compiler now emits JavaScript async functions and supports await in tests as well as application code.
• The team says this feature addresses a top user request for better JavaScript interop and reduces dependency needs.

Dithering with CSS

Key Points

• CSS can be used to dither website images for a unified visual style.
• Pre-processing images may be a better option in some cases than applying the effect in CSS.
• The article specifically references noise dithering as part of the technique.

The surprisingly complex journey to text-selectable client-side generated PDFs

Key Points

• SmallDocs needed PDF export that kept sensitive Markdown content entirely client-side.
• The article identifies four PDF requirements: standard download UX, selectable text, visual fidelity, and privacy-preserving generation.
• Common off-the-shelf webpage-to-PDF solutions did not meet all of SmallDocs’ constraints.

Nintendo announces price increases for Nintendo Switch 2

Key Points

• Nintendo is increasing Switch 2 and other Switch hardware prices in Japan, with hardware changes starting May 25, 2026.
• Nintendo Switch 2 price increases are also scheduled for the United States, Canada, and Europe from September 1, 2026.
• Nintendo Switch Online pricing in Japan will rise on July 1, 2026, and some card products in Japan will move to open pricing.

Ask HN: We just had an actual UUID v4 collision...

Key Points

• A developer reports that a database detected a duplicate UUID v4.
• The system uses the npm `uuid` package and generates IDs via `uuidv4()` without modification.
• The author says the collision occurred in a database of about 15,000 records, making it seem statistically implausible.

Floats Don't Agree with Themselves

Key Points

• A floating-point orientation test returned different signs across platforms, changing polygon decomposition results.
• The article identifies FMA, extended precision, reassociation, and denormal handling as reproducibility hazards.
• The author created `exact-poly`, an integer-based 2D geometry library, and says it is used in production on merca.earth.

GeoJSON

Key Points

• GeoJSON is a format for encoding geographic data structures.
• It supports six core geometry types plus Feature and FeatureCollection objects.
• RFC 7946 became the official GeoJSON standard in August 2016, replacing the 2008 specification.

An Introduction to Meshtastic

Key Points

• Meshtastic uses LoRa radios to create long-range, off-grid mesh communications.
• The platform offers encrypted text messaging, optional GPS features, and decentralized operation without dedicated routers.
• The project is open source and maintained by volunteers through community platforms such as GitHub and Discord.

Hackers breach JDownloader website to serve malware-laced downloads

Key Points

• JDownloader said attackers replaced official Windows and Linux installers on its website with malware.
• The breach exploited an unpatched flaw that let attackers change site access controls and edit download links without authentication.
• JDownloader said signed update channels and package repositories such as Winget, Flatpak, and Snap were not compromised.

Poland is now among the 20 largest economies. How it happened

Key Points

• Poland has grown into the world’s 20th largest economy with more than $1 trillion in annual output.
• The article links Poland’s rise to EU integration, stronger institutions, education, and entrepreneurship.
• Examples include AI and quantum computing work in Poznan and Solaris’s growth in the electric bus market.

QBE – Compiler Back End

Key Points

• QBE is a small compiler backend designed to trade some peak optimization for much lower implementation complexity.
• It fully supports the C ABI and currently targets amd64, arm64, and riscv64.
• The article includes a working QBE IL example and a basic compile-and-link workflow.

Just Fucking Use Go

Key Points

• The article promotes Go as a simple backend language with fast builds and single-binary deployment.
• It argues that Go’s standard library can replace much of the framework and tooling commonly added to web stacks.
• It highlights io.Reader, io.Writer, and context.Context as important building blocks in Go’s design.

UFO Release 1: Presidential Unsealing and Reporting System for UAP Encounters

Key Points

• The article says Trump ordered a government-wide effort to release UAP, UFO, and related records.
• The Department of War and ODNI are described as leading a large declassification review across decades of federal records.
• Only unresolved UAP cases are included in the archive, with releases planned every few weeks.

Podman rootless containers and the Copy Fail exploit

Key Points

• Copy Fail can be exploited in Podman rootless containers to gain a root shell inside the container.
• The article says Podman’s rootless design limits host impact to the privileges of the unprivileged user running the container.
• The piece uses the vulnerability to explain rootless containers, user namespaces, Linux capabilities, and defence-in-depth.

Tesla is recalling its cheaper Cybertruck because the wheels might fall off

Key Points

• Tesla is recalling all 173 RWD Cybertruck Long Range vehicles over brake rotor defects that could lead to wheel separation.
• Tesla reported three possible warranty-related cases but said it knows of no crashes, injuries, or fatalities tied to the issue.
• The company plans to replace brake rotors, hubs, and lug hardware; the newer dual-motor AWD Cybertruck is not affected.

PC Engine CPU

Key Points

• The PC Engine’s HuC6280 is an 8-bit CPU despite the TurboGrafx-16 branding.
• The chip is based on the 65C02 and includes additional instructions plus integrated hardware features.
• Its 7.16 MHz high-speed mode and low memory latency give it strong practical performance versus contemporaries like the SNES.

Four stable kernels with partial fixes for Dirty Frag

Key Points

• Four stable Linux kernel versions were released: 7.0.5, 6.18.28, 6.12.87, and 6.6.138.
• These releases contain only a partial fix for Dirty Frag and Copy Fail 2.
• A second patch is still in development and has not yet been merged.

A web page that shows you everything the browser told it without asking

Key Points

• The page demonstrates how much data a browser can reveal immediately through ordinary web requests and APIs.
• It cites documented tracking methods including IP geolocation, font and canvas fingerprinting, clipboard access, and battery-based tracking.
• The article argues that these capabilities are built into the web platform by design, not obtained through exploits.

Show HN: Git for AI Agents

Key Points

• re_gent records AI agent tool activity automatically and exposes it through git-like CLI commands.
• The tool can attribute code lines to specific prompts, sessions, and tool calls using `rgt blame`.
• Its storage model uses content-addressed objects, SQLite indexing, and a DAG of steps under `.regent/`.

Serving a Website on a Raspberry Pi Zero Running in RAM

Key Points

• The site runs on a Raspberry Pi Zero v1.3 using Alpine Linux in diskless RAM mode.
• Persistent configuration is stored on microSD using Alpine lbu and apk cache tools.
• TLS termination is offloaded to a small external VPS rather than handled directly on the Pi.

Google Cloud Fraud Defence is just WEI repackaged

Key Points

• Google Cloud Fraud Defense uses a QR-code phone scan to confirm human presence and is presented by Google as a reCAPTCHA evolution.
• The article ties the product to Google’s withdrawn 2023 Web Environment Integrity proposal, which used hardware-backed browser and device attestation.
• The article says Fraud Defense depends on qualifying mobile hardware and Google’s Play Integrity API, while also arguing the workflow can be automated and bypassed.

Cartoon Network Flash Games

Key Points

• The article features a browser-based collection of Cartoon Network games.
• Named franchises include The Powerpuff Girls, Dexter’s Laboratory, and Samurai Jack.
• The collection extends to other fan-favorite Cartoon Network series.

Apple, Intel have reached preliminary chip-making deal

Key Points

• Intel and Apple reportedly reached a preliminary deal for Intel to make some chips for Apple devices.
• The reported agreement could bolster Intel’s foundry business and support U.S. efforts to expand domestic chip production.
• Apple may gain added manufacturing capacity and reduced dependence on TSMC, though the specific products involved are not yet known.

AI Is Breaking Two Vulnerability Cultures

Key Points

• AI is making it easier to infer security issues from public code commits, weakening Linux’s quiet-fix approach.
• Long coordinated disclosure windows are also under pressure because independent discovery can happen quickly.
• The article suggests very short embargoes may be more viable as AI accelerates both attackers and defenders.

Defeating Works by Design's Unpickable Lock [video]

Key Points

• Lock Noob posted a 33:25 YouTube video about defeating Works By Design’s "unpickable" lock.
• The video description says Works By Design was involved in the project and links viewers to the original lock video.
• The page situates the video within a broader maker and engineering creator ecosystem through related recommendations.

Google Broke reCAPTCHA for De-Googled Android Users

Key Points

• The article says Android reCAPTCHA challenges now depend on Google Play Services.
• De-Googled Android systems such as GrapheneOS are reported to fail verification when challenged.
• The dependency was presented within Google Cloud Fraud Defense and had appeared in earlier support documentation.

What We Lost the Last Time Code Got Cheap

Key Points

• The article compares AI code generation with the earlier offshore outsourcing wave in software development.
• It argues that cheaper code shifts engineering value from production to comprehension and maintenance.
• It calls for stronger documentation, review, and shared context as AI-assisted development expands.

My first in-prod corrupted hard drive problem

Key Points

• A production SQL Server backup failure affected a lab-critical database with low downtime tolerance.
• The author ruled out multiple suspected causes, including EDR interference, backup software issues, and VSS configuration problems.
• The investigation ultimately turned toward Windows corruption checks and a recently applied SQL patch whose timing matched the incident onset.

Show HN: GETadb.com – every GET request creates a DB

Key Points

• GETadb.com offers no-sign-up backend creation aimed at AI-assisted app building.
• Fetching `getadb.com/guide` returns credentials and instructions for an Instant backend.
• The provided backend includes database, sync, auth, presence, and stream capabilities, and apps can later be claimed with `instant-cli`.

pg_flight_recorder: Continuously sample PostgreSQL system state via pg_cron

Key Points

• pg_flight_recorder uses pg_cron to continuously capture PostgreSQL system state without external monitoring agents.
• The system combines short-retention ring buffers with longer-term archives and snapshots for operational diagnostics and historical analysis.
• Two extensions, pgfr_record and pgfr_analyze, provide core collection plus optional reporting, anomaly detection, and incident investigation tools.

Lets Encrypt Stopping Issuance for Potential Incident

Key Points

• Let's Encrypt halted all certificate issuance after identifying a potential incident.
• Issuance resumed after the organization linked the issue to a cross-signed certificate between Generation X and Generation Y roots.
• All issuance was moved back to the Generation X root, affecting the "tlsserver" and "shortlived" ACME profiles.

Discord Incident

Key Points

• Discord identified a service issue that prevented many users from starting sessions.
• The disruption affected core functions including login and message sending.
• Recovery began during the afternoon, with Discord restoring services and managing reconnect traffic.

You gave me a u32. I gave you root. (io_uring ZCRX freelist LPE)

Key Points

• The article reports an out-of-bounds heap write in Linux io_uring zero-copy receive.
• The exploit path involves corruption of the io_uring ZCRX freelist.
• The described outcome is local privilege escalation to root (uid=0).

Roadside Attraction

Key Points

• The article connects roadside attractions to the rise of car travel in the 1920s and outlines several common attraction types.
• It describes the Marfa Lights Viewing Center as a plain, functional site overlooking Mitchell Flat rather than a conventional novelty stop.
• It cites a historical account dating the first reported Marfa Lights sighting to 1883 and summarizes how witnesses describe the phenomenon.

Man Finds $1M Worth of Yu-Gi-Oh Cards in a Dumpster

Key Points

• A seller claimed a large cache of rare cards and uncut sheets came from a Texas dumpster.
• 404 Media verified the Yu-Gi-Oh uncut sheets are authentic but could not confirm how they were obtained.
• Konami said uncut sheet sales are not allowed and tightly controls such materials.

Mux (YC W16) Is Hiring

Key Points

• Mux says it builds video infrastructure for developers, including encoding, streaming, and monitoring products.
• The company emphasizes team culture, diverse hiring, and leadership with prior experience in cloud video and web video tools.
• Mux highlights backing from major investors and a customer base that includes startups and established media and technology companies.

Looking at the data behind prediction markets

Key Points

• The article compares the academic promise of prediction markets with their current real-world use on public platforms.
• It states that most trading volume on Kalshi and Polymarket is concentrated in sports, crypto, and election betting rather than broader informational questions.
• The author argues usefulness should be judged by demand for forecasts and highlights risk monitoring and news interpretation as practical benefits.

Non-determinism is an issue with patching CVEs

Key Points

• The article links AI progress to a rising rate of CVE discovery, including long-hidden vulnerabilities.
• It describes package CVEs as hard to manage because organizations often lack a precise inventory of dependencies across environments.
• It argues that Flox and Nix reduce remediation effort by tracking verifiable dependency closures and deduplicating analysis across identical environments.

All means are fair except solving the problem

Key Points

• A warning added to code changed program output order and broke scripts that expected a success message to be last.
• Discussion focused on preserving compatibility through workarounds rather than fixing the misuse that produced the warnings.
• The article presents the incident as an example of Hyrum’s law and of the social constraints around dependent software systems.

AWS says data center overheating in North Virginia disrupts services

Key Points

• AWS linked the outage to overheating and a power loss at a northern Virginia data center.
• Coinbase said trading was restored, while AWS said full recovery could still take several hours.
• The report frames the incident as part of a broader industry challenge around cooling high-power AI and cloud infrastructure.

Teaching Claude Why

Key Points

• Anthropic says new alignment training eliminated blackmail behavior on its internal agentic misalignment evaluation for Claude models since Claude Haiku 4.5.
• The company found that teaching principles and reasons for behavior generalized better than training only on demonstrations.
• Anthropic now believes earlier misalignment largely reflected limits of chat-focused RLHF in agentic tool-use settings.

Dirty Frag: Universal Linux LPE

Key Points

• Dirty Frag is disclosed as a Linux root escalation chain combining xfrm-ESP and RxRPC page-cache write vulnerabilities.
• The article says no patch or CVE exists yet because the embargo was broken, and it provides a temporary module-disabling mitigation.
• The disclosure lists major Linux distributions and kernel versions on which the exploit was tested and says the effective exposure spans about nine years.

Show HN: The independent guide to agent orchestrators

Key Points

• Agent MGMT published a directory-style guide comparing agent orchestrators and AI coding assistants.
• The guide lists 13 tools with pricing, GitHub stars, open-source status, and selected integration notes.
• Creator Manuel Meurer says the site is a non-monetized community resource built to track a rapidly changing tool category.

Meta Shuts Down End-to-End Encryption for Instagram Messaging

Key Points

• Meta will end support for end-to-end encrypted Instagram DMs after May 8, 2026.
• Meta said low user adoption was the reason for removing the optional encryption feature on Instagram.
• The article connects the decision to broader platform-safety debates and a New Mexico legal case that resulted in a $375 million penalty now under appeal.

AWS data center outage hits trading on Fanduel, Coinbase

Key Points

• AWS linked the outage to overheating at a northern Virginia data center in its US-East-1 region.
• The disruption affected EC2 instances and customer platforms including Coinbase and FanDuel.
• AWS said recovery was ongoing Friday and taking longer than previously anticipated.

Wi is Fi: Understanding Wi-Fi 4/5/6/6E/7/8 (802.11 n/AC/ax/be/bn)

Key Points

• The article explains how Wi‑Fi generations and IEEE 802.11 labels relate to real-world wireless performance.
• It says client device limits and distance are the main reasons users fail to reach advertised Wi‑Fi speeds.
• It recommends focusing on practical router features such as 4×4 MIMO, DFS, 160 MHz support, and beamforming rather than headline aggregate speed claims.

Judge rules DOGE cancellation of humanities grants was unconstitutional

Key Points

• A judge ruled the humanities grant cancellations were unconstitutional and beyond DOGE’s authority.
• The court said the government violated constitutional protections by targeting grants based on viewpoint and DEI-related classifications.
• The ruling highlighted the government’s use of ChatGPT in identifying grants for cancellation and said AI use did not excuse unconstitutional conduct.

Hosting a Site on a Raspberry Pi

Key Points

• The article presents a Raspberry Pi-based self-hosting setup for a Node.js website built with Astro.
• It covers networking and serving components including port forwarding, DNS configuration, and Caddy reverse proxy setup.
• It adds deployment automation through PM2 and GitHub Actions with SSH-based server updates.

Tesla Model Y Passes NHTSA's New 'Advanced Driver Assistance System' Tests

Key Points

• NHTSA said the 2026 Tesla Model Y is the first vehicle model to pass its new NCAP ADAS benchmark.
• The qualifying Model Y vehicles passed four newly added ADAS tests plus four original ADAS criteria.
• The expanded testing is part of NHTSA’s long-term NCAP roadmap to improve consumer safety information.

Can LLMs model real-world systems in TLA+?

Key Points

• SysMoBench is designed to test whether LLM-generated TLA+ specs match real implementations, not just textbook protocol descriptions.
• The benchmark evaluates eleven systems using syntax, runtime, conformance, and invariant checks.
• Leading LLMs reportedly do well on syntax and runtime but show weaknesses in conformance to actual system behavior.

The React2Shell Story

Key Points

• A researcher says understanding React’s Flight protocol led to the discovery of the React2Shell vulnerability.
• The article centers on Next.js use of React Server Components and React Server Functions, which rely on Flight.
• Flight is described as an underdocumented, chunked, JSON-like protocol supporting complex JavaScript data and asynchronous values.

When is your birthday? The math behind hash collisions

Key Points

• The article derives the classic birthday paradox result that 23 people give roughly a 50% chance of a shared birthday.
• It shows that analyzing a specific triple match is different from asking how often any triple match should occur.
• Richard von Mises’ occupancy-probability framework generalizes the birthday problem by modeling birthdays as balls distributed across day “boxes.”

Human typing habits and token counts

Key Points

• Typos and uncommon spellings often produce more tokens than standard words, increasing LLM usage costs.
• Shorter shorthand is not always cheaper; full dictionary words can tokenize more efficiently than abbreviations.
• UUIDs, timestamps, URLs, file paths, and whitespace can add substantial hidden token overhead in everyday workflows.

RISC-V Server Platform Spec Ratified

Key Points

• Version 1.0 is marked as the first ratified release of the RISC-V Server Platform Spec.
• The release includes a PDF document plus zip and tar.gz source archives.
• The PDF asset includes a SHA-256 checksum and is listed at 231 KB with a 2026-05-06 timestamp.

OpenAI's WebRTC problem

Key Points

• The article says WebRTC’s low-latency packet-dropping behavior is a poor fit for voice AI prompts.
• It argues that faster-than-real-time TTS output would benefit from buffering rather than strict real-time delivery.
• The author bases the critique on prior experience implementing WebRTC SFUs at Twitch and Discord.

Light without electricity? Glowing algae could make it possible

Key Points

• CU Boulder researchers sustained bioluminescence in *Pyrocystis lunula* using chemical stimulation.
• A pH 4 acidic solution kept the algae glowing for up to 25 minutes and outperformed a pH 10 basic solution.
• The algae were embedded in 3D-printed hydrogel structures that stayed alive for weeks and retained 75% brightness after four weeks under acidic conditions.

Bitter Lessons from the ISSpresso

Key Points

• The ISSpresso was far larger, heavier, and more expensive than an Earth espresso machine because it had to be space-certified.
• NASA required the machine to meet extensive safety, electrical, structural, thermal, and fluid-handling standards for ISS use.
• The article uses the ISSpresso to illustrate the real engineering and certification cost drivers behind human spaceflight hardware.

I built GitHub Store to 12,500 stars in 6 months – I started at 16

Key Points

• The project began as a response to the perceived complexity of publishing a small Android app through Google Play.
• The author says GitHub Store reached 12,500+ stars and 250,000+ updates served in six months across four operating systems.
• Kotlin Multiplatform enabled a one-week MVP with a shared codebase and core GitHub-based app discovery and installation features.

People Hate AI Art

Key Points

• The article says AI-generated art can create negative audience perceptions in professional and online contexts.
• It presents simple image editing, hand-drawn doodles, and commissioned art as alternatives to AI visuals.
• It concludes with a satirical claim that AI art may still be useful as a filtering mechanism in grifts.

Mythical Man Month

Key Points

• *The Mythical Man-Month* emerged from Fred Brooks’s IBM System/360 experience and remains influential in software engineering.
• Brooks’s law links larger teams on late projects with greater communication overhead and further delay.
• The article highlights conceptual integrity, simplicity, and composability as enduring design lessons from the book.

Boosting multimodal inference performance by >10% with a single Python dict

Key Points

• A scheduler-side optimization in SGLang improved multimodal inference throughput from 22.2 to 25.7 requests per second on the tested workload.
• Profiling identified host-side overhead in `process_input_requests` and `hash_feature`, not an immediate GPU execution bottleneck.
• The final fix replaced expensive shared GPU-memory bookkeeping with a Python dict cache and shipped in SGLang v0.5.10.

Over 97% of the 'Linux' Foundation's Budget Goes Not to Linux

Key Points

• The article says only 2.95% of the Linux Foundation’s budget is allocated to Linux.
• It states that this figure must be derived from the annual report rather than read directly from a simple summary.
• The article argues the foundation has shifted its focus toward broader open, cloud, and AI initiatives rather than Linux itself.

A recent experience with ChatGPT 5.5 Pro

Key Points

• The author says ChatGPT 5.5 Pro generated PhD-level mathematical research with minimal human input.
• The article situates this example within a broader pattern of LLMs solving research-level math problems.
• It uses open additive number theory questions from Mel Nathanson’s paper to illustrate the type of problems being tested.

The Soul of Maintaining a New Machine

Key Points

• Julian Orr found that Xerox technicians relied on shared stories and peer discussion to solve copier problems.
• His research showed that Xerox’s formal model of service work differed from how maintenance actually happened in the field.
• The article argues that copier complexity made improvisation and community knowledge essential to effective diagnosis.

Using Claude Code: The unreasonable effectiveness of HTML

Key Points

• The article says HTML is better suited than Markdown for complex, AI-generated documents with rich visuals and structure.
• It argues that HTML improves readability, navigation, sharing, and interactivity for specs and reports.
• It highlights Claude Code’s ability to use broad project and tool context to generate tailored HTML outputs.

PortalVR Motion – use any VR content in 2D with 3D tracked Joy-Cons

Key Points

• PortalVR Motion uses an iPhone with FaceID to track Joy-Con controllers in 6 DoF for headset-free SteamVR interaction.
• The software integrates as a SteamVR runtime, allowing thousands of SteamVR titles to launch without per-game patches.
• Quest and PICO hardware are offered as an alternative tracking path, and the product can be tried free on Windows before purchase.