Front-page articles summarized hourly.
The author argues the open CTF scene is dead because frontier AI has broken the format. Mid-level challenges are easily solved by models like Claude Opus 4.5 and GPT-5.5, enabling orchestration across many challenges and reducing human skill to prompt-writing. The scoreboard no longer reflects true ability; beginners may be discouraged as automation climbs the ladder. AI-assisted play undermines challenge design and the ladder that drew people into security. While the community remains valuable, new avenues (SecTalks, labs) are needed to stay connected as the format evolves.
The post chronicles a first-year Mines student’s experiments to map and control campus devices via DNS. He brute-forces subdomains, then uses PTR records to map IPs, and later uses AF_XDP-based scanning to probe ports. He ported from Python to Rust for speed, overcoming memory leaks and achieving high throughput. He finds and nominally controls dozens of cameras and campus projectors, reports the findings to IT, and notes the patching of the vulnerabilities; his activity briefly caused a campus DNS outage. AI was used briefly for a Rust issue.
California’s battery arrays discharged just over 12,000 MW—about 12 nuclear plants—meeting over 40% of demand and signaling a rapid shift from gas to batteries for evening peaks. To reach 2045 clean-energy goals, the state needs much more battery capacity and clean generators through 2030–2035, driven by electrification and data-center growth. Policy headwinds include expiring tax credits after 2030/2032 and uncertainty around federal support for offshore wind. Solar remains strong; proposed 21‑GW Valley Clean Infrastructure Project could dramatically boost capacity, requiring transmission upgrades and domestic manufacturing.
Orthrus is a dual-view diffusion framework that preserves exact generation fidelity of autoregressive LLMs while enabling fast parallel token generation. By sharing the same KV cache across the dual views, it delivers up to 7.8x speedups with zero extra memory and only 16% of parameters fine-tuned. It outperforms speculative decoding and diffusion baselines in throughput while maintaining accuracy. The project provides official implementation and model checkpoints (Qwen3 backbones), installation instructions, and a quickstart example, aiming to set a new standard for parallel generation fidelity in LLMs.
The study investigates how mildew contaminates analog tape archives and degrades sound quality. Using ATR-FTIR and SEM, the authors characterized chemical/physical changes on the magnetic tape; they cultured Penicillium and Aspergillus with varying mildew coverage and analyzed resulting audio with Praat. They correlated spectral features and acoustic parameters with mildew coverage and examined surface morphology/roughness via laser microscopy. Findings clarify the mechanism of mildew-induced degradation and inform improved preservation strategies for tape archives.
Calls for web crawlers to identify themselves with a user-agent and to follow the site's robots policy, referencing Wikimedia’s policy and a related Phabricator task (T400119).
Six SQL patterns to catch transaction fraud: 1) Velocity — detect short-time bursts per cardholder with sliding windows. 2) Impossible travel — flag implausible moves between timestamps using haversine and speed thresholds. 3) Amount anomalies — catch round-dollar tests and near-threshold amounts. 4) Suspicious merchants — flag spikes for a merchant against its own baseline. 5) Off-hours — flag unusual hours, requiring at least two in an hour to count. 6) Window functions for chained signals — compose rules with LAG and running totals. Use all patterns together for scoring; start with velocity.
The Gwern.net essay critiques a 2022 New York Times piece on teen vaping, arguing that although every sentence is technically true, the article cleverly frames legal nicotine vapes as the cause of EVALI by conflating nicotine and THC vaping and using selective quotation. It links the 2019 nicotine-vaping moral panic to illicit THC products adulterated with vitamin E acetate, examines FDA regulation and the rise of synthetic nicotine, and shows how framing and narrative structure steer readers toward a harmful causal conclusion.
An author buys a cheap PSP-2000 from Japan via Buyee/Mercari, paying AUD 38.43 for a unit described as "untested" junk. Buyee handles payment and forwarding; domestic shipping and a 3-day international leg to Australia make the process quick. The PSP boots with firmware 5.50 GEN‑D2, a late-2000s custom firmware, and the author opts to leave it as-is. He adds an OSTENT 1400mAh battery and a replacement battery door (~AUD 10 and 4.29), bringing the total to ~AUD 62.14 (~USD 43.93). The device works well and offers a practical retro-gaming experience: original hardware with modern convenience.
Bean Pointing Stick is a fully assembled, 3D-printed pointing-stick mouse from Ploopy. It uses four Omron D2LS-21 buttons, runs QMK with VIA support, and ships preloaded. Preorder price 69.99 CAD; launch date May 6, 2026. Tiers: Early Access (ships now), Tier A (within 8 weeks), Tier B (within 20 weeks). Includes PCB, 3D-printed parts, screws, magnet, friction pads, and nub; USB-C cable optional. Ships via Chit Chats; 30-day returns; 1-year warranty. Firmware upgradable with QMK tools.
Researchers claim to have broken AppLovin’s mediation cipher and decrypted thousands of requests. They show that each encrypted bid request carries a device fingerprint payload that can deterministically re-identify the same iPhone across apps even when ATT is denied. The cipher uses a per-publisher sdk_key and a universal salt, with a SplitMix64-based keystream and no MAC, enabling tampering and leaking the encryption timestamp. Decrypted envelopes reveal device_info (~50 fields) and signal_data tokens sent to about a dozen ad networks. The api_did sentinel ('Bad Device ID') reoccurs for ATT-denied users, indicating cross-app fingerprinting beyond IDFA controls and raising privacy concerns.
Dominic Szablewski explains additive blending on the N64. The PSX can simply add sprite colors to the frame buffer, while the N64’s RDP can overflow if writing into 16-bit buffers. The solution: render sprites into a 32-bit RGBA render target, and use the RDP color combiner with fog alpha to draw at 1/8 intensity, enabling true additive blending without wrap. Then convert the 32-bit image to a 16-bit frame buffer on the RSP (about 3.1 ms per frame), preserving memory bandwidth. A GitHub demo: github.com/phoboslab/n64_addblend.
Bird retinas are energetically demanding yet largely avascular. Damsgaard and colleagues measured oxygen in zebra finch, pigeon, and chicken retinas and found the inner retina has no oxygen, relying on anaerobic glycolysis. Spatial transcriptomics and glucose-demand analysis showed the pecten oculi—a radiating, vascular structure—likely pumps glucose to the retina, enabling glycolysis and lactate export. Outer retina uses oxygen; the inner retina uses 2.5× more glucose. The retina’s oxygen-free metabolism likely evolved in dinosaurs/birds to support sharp vision and flight, with broader implications for hypoxia tolerance and medicine.
Epiq is a terminal-native, Vim-inspired issue tracker that renders ASCII kanban and stores work as an immutable event log synchronized via Git. No SaaS or browser; runs inside any Git repo with local-first, instant edits, and keyboard navigation. State is event-sourced and replayable; collaboration uses Git worktrees without a central service. Features: create, move, filter, close/reopen, sync (manual or automatic). Install: npm i -g epiq; run in repo to start an interactive setup; MCP server enables AI tool interactions.
Satirical piece about a devastating npm supply-chain attack that compromised millions of enterprise apps and user data. It mocks the idea that such breaches are unavoidable, citing a sprawling, unvetted 40-level dependency tree as the "price" of modern web apps. While Go and Rust ecosystems report few incidents thanks to robust libraries, npm defends itself, saying there are no effective registry policies or sandbox guardrails, and that the registry runs arbitrary install scripts. The piece closes with a grim note that another breach is inevitable, and developers must remain resilient.
Cerelog’s ESP-EEG is an open-source 8-channel biosensing board (EEG/EMG/ECG) powered by TI ADS1299, marketed for cleaner signal with true closed-loop active bias and priced near OpenBCI’s initial offering (less than half the Cyton’s current price). Software support includes a fork of the OpenBCI GUI via Lab Streaming Layer and BrainFlow. Created by ex-SpaceX hardware engineer Simon Hakimian. Licensing: firmware/software MIT; hardware schematics CC-BY-NC-SA (non-commercial). Caveats: USB only for now (no electrical isolation); Bluetooth/WiFi hardware present but firmware not ready; ESP32 platform with onboard LiPo charging and future WiFi streaming.
Spectre is a low-level, safe systems language with type-level invariants, function pre/postconditions, and default immutability. Contracts are checked at compile time when possible; otherwise runtime checks run under guarded constructs. Memory is manually managed via allocators. It compiles to QBE IR (experimental LLVM/C99 backends) and supports -translate-c to port C code. A Hello, world uses trust for impure IO; safe wrappers avoid trusting. Foreword notes the docs may be out of date.
Shifts from ephedrine-based to P2P meth (2009–2012) boosted supply and changed chemistry. P2P synthesis can yield both d- and l-meth, but modern meth is ~95% d-meth; by 2019 l-meth largely disappeared. Impurities arise mainly from the P2P step; lead acetate contamination does not explain schizophrenia. Two main routes: NTS from nitrostyrene and PAA/EtPA to P2P. The bigger story is greater availability, lower prices, and a rise in heavy meth use and overdoses.
Erlang/OTP 29.0 is a major release with new features and some incompatibilities. Highlights: -unsafe attributes add compiler warnings and xref support for unsafe/undocumented calls; SSH is now secure by default (shell/exec disabled; SFTP off). SSL uses mlkem768x25519-sha256 as the default key exchange. io_ansi enables ANSI terminal sequences; ct_doctest tests docs; ignore_xref is handled by xref. Default code path now places the current directory last; no 32‑bit Windows build. New features: native records (experimental), is_integer/3 guard, multi-valued comprehensions with compr_assign. Compiler/JIT improvements and several new default warnings. STDLIB adds rand:shuffle/1 and rand:shuffle_s/2. SSH KEX has fallback for compatibility.
Made by Johno Whitaker using FastHTML