frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

The Yardbirds, Dazed and Confused (1968)

https://archive.org/details/the-yardbirds_dazed-and-confused_9-march-1968
1•petethomas•1m ago•0 comments

Agent News Chat – AI agents talk to each other about the news

https://www.agentnewschat.com/
1•kiddz•1m ago•0 comments

Do you have a mathematically attractive face?

https://www.doimog.com
1•a_n•5m ago•1 comments

Code only says what it does

https://brooker.co.za/blog/2020/06/23/code.html
1•logicprog•11m ago•0 comments

The success of 'natural language programming'

https://brooker.co.za/blog/2025/12/16/natural-language.html
1•logicprog•11m ago•0 comments

The Scriptovision Super Micro Script video titler is almost a home computer

http://oldvcr.blogspot.com/2026/02/the-scriptovision-super-micro-script.html
3•todsacerdoti•12m ago•0 comments

Discovering the "original" iPhone from 1995 [video]

https://www.youtube.com/watch?v=7cip9w-UxIc
1•fortran77•13m ago•0 comments

Psychometric Comparability of LLM-Based Digital Twins

https://arxiv.org/abs/2601.14264
1•PaulHoule•14m ago•0 comments

SidePop – track revenue, costs, and overall business health in one place

https://www.sidepop.io
1•ecaglar•17m ago•1 comments

The Other Markov's Inequality

https://www.ethanepperly.com/index.php/2026/01/16/the-other-markovs-inequality/
1•tzury•18m ago•0 comments

The Cascading Effects of Repackaged APIs [pdf]

https://papers.ssrn.com/sol3/papers.cfm?abstract_id=6055034
1•Tejas_dmg•20m ago•0 comments

Lightweight and extensible compatibility layer between dataframe libraries

https://narwhals-dev.github.io/narwhals/
1•kermatt•23m ago•0 comments

Haskell for all: Beyond agentic coding

https://haskellforall.com/2026/02/beyond-agentic-coding
2•RebelPotato•27m ago•0 comments

Dorsey's Block cutting up to 10% of staff

https://www.reuters.com/business/dorseys-block-cutting-up-10-staff-bloomberg-news-reports-2026-02...
2•dev_tty01•29m ago•0 comments

Show HN: Freenet Lives – Real-Time Decentralized Apps at Scale [video]

https://www.youtube.com/watch?v=3SxNBz1VTE0
1•sanity•31m ago•1 comments

In the AI age, 'slow and steady' doesn't win

https://www.semafor.com/article/01/30/2026/in-the-ai-age-slow-and-steady-is-on-the-outs
1•mooreds•38m ago•1 comments

Administration won't let student deported to Honduras return

https://www.reuters.com/world/us/trump-administration-wont-let-student-deported-honduras-return-2...
1•petethomas•38m ago•0 comments

How were the NIST ECDSA curve parameters generated? (2023)

https://saweis.net/posts/nist-curve-seed-origins.html
2•mooreds•39m ago•0 comments

AI, networks and Mechanical Turks (2025)

https://www.ben-evans.com/benedictevans/2025/11/23/ai-networks-and-mechanical-turks
1•mooreds•39m ago•0 comments

Goto Considered Awesome [video]

https://www.youtube.com/watch?v=1UKVEUGEk6Y
1•linkdd•42m ago•0 comments

Show HN: I Built a Free AI LinkedIn Carousel Generator

https://carousel-ai.intellisell.ai/
1•troyethaniel•43m ago•0 comments

Implementing Auto Tiling with Just 5 Tiles

https://www.kyledunbar.dev/2026/02/05/Implementing-auto-tiling-with-just-5-tiles.html
1•todsacerdoti•44m ago•0 comments

Open Challange (Get all Universities involved

https://x.com/i/grok/share/3513b9001b8445e49e4795c93bcb1855
1•rwilliamspbgops•45m ago•0 comments

Apple Tried to Tamper Proof AirTag 2 Speakers – I Broke It [video]

https://www.youtube.com/watch?v=QLK6ixQpQsQ
2•gnabgib•47m ago•0 comments

Show HN: Isolating AI-generated code from human code | Vibe as a Code

https://www.npmjs.com/package/@gace/vaac
1•bstrama•48m ago•0 comments

Show HN: More beautiful and usable Hacker News

https://twitter.com/shivamhwp/status/2020125417995436090
3•shivamhwp•49m ago•0 comments

Toledo Derailment Rescue [video]

https://www.youtube.com/watch?v=wPHh5yHxkfU
1•samsolomon•51m ago•0 comments

War Department Cuts Ties with Harvard University

https://www.war.gov/News/News-Stories/Article/Article/4399812/war-department-cuts-ties-with-harva...
9•geox•54m ago•1 comments

Show HN: LocalGPT – A local-first AI assistant in Rust with persistent memory

https://github.com/localgpt-app/localgpt
5•yi_wang•55m ago•0 comments

A Bid-Based NFT Advertising Grid

https://bidsabillion.com/
1•chainbuilder•59m ago•1 comments
Open in hackernews

Proposal: Cookie Consent Should Be Browser-Native, Not Website-Native

15•zak-mandhro•9mo ago
TL;DR: Cookie consent shouldn’t be a popup war on every website. Browsers should handle it natively — just like location or notifications — based on user-set privacy preferences. We can fix the web with one header, a little browser enforcement, and a lot less nonsense.

The current system for cookie consent is a mess. Every website throws a popup in your face, asking you to accept tracking you neither want nor need. The irony? It’s not technically necessary. We can solve it at the browser level — cleanly, universally, and in a user-respecting way.

Here’s how:

1. Browser-Level Privacy Preferences Browsers should allow users to set global consent preferences, just like setting a default language or search engine.

Example:

* Essential cookies: Always allow

* Analytics cookies: Ask or Block

* Marketing cookies: Ask or Block

* Third-party cookies: Ask or Block

Set once. Apply everywhere. No more popups.

2. New HTTP Header: Set-Cookie-Category Websites would categorize cookies when setting them, like:

Set-Cookie: sessionId=abc123; Category=Essential Set-Cookie: trackUser=true; Category=Marketing

Standardized categories: Essential, Analytics, Marketing, Personalization, Other. No trickery. No ambiguity.

3. Browser Enforcement When a site tries to set a cookie:

* Browser checks the declared category.

* Browser checks the user's privacy preferences.

* If no consent: cookie is silently blocked.

If consent is "Ask," the browser shows a small permission prompt (similar to location or notifications). No more hijacking the page UI.

1. Optional Website Messaging Websites could optionally trigger a browser-native dialog to explain their cookie use — but no walls of legalese blocking access.

2. Bonus: Easier Compliance Audits Browsers could expose APIs for compliance tools to automatically verify if a site respects consent preferences.

Why hasn’t this happened yet?

* Ad-tech companies make too much money off friction and dark patterns.

* Browser vendors (especially Chrome) profit from the status quo.

* Regulators targeted websites, not browsers, in GDPR/CCPA drafts.

But it’s not too late. Safari, Firefox, Brave, Arc — even Chrome (if enough pressure builds) — could easily implement this.

Users deserve better. The web deserves better.

If you think this should be built, upvotes help visibility.

Comments

zak-mandhro•9mo ago
One thing I’d love to hear from the HN crowd:

Are there real technical blockers to browser-native consent management?

* HTTP already has Set-Cookie, so tagging with a Category param seems straightforward.

* Browsers already manage permissions like location, camera, and notifications.

* GDPR/CCPA compliance should be stronger if browsers enforced consent upstream.

Is the real obstacle purely political (ad-tech resistance), or is there something deeper I'm missing on the protocol or standards side?

Also curious: if browsers did offer this, would major sites still try to layer their own consent dialogs on top (to push opt-ins harder)? How would we stop that?

legitster•9mo ago
> Why hasn’t this happened yet?

I've worked on three different corporate privacy teams. Nearly unanimously everyone would have preferred an extension of "do-not-track" that's legally enforceable.

The reality though is that the laws governing cookies were an afterthought by the European Commission when writing GDPR. GDPR has been an overwhelming success (at least according to the EU lawyers who legislate such things), so there has not been a rush to amend the rules around cookies.

The reality is it's not going to change until the laws change. No major company is going to stick their neck out and risk punishment.

zak-mandhro•9mo ago
It makes sense that corporate teams would have preferred a "real" do-not-track standard, but had no incentive (or legal cover) to push it further.

It's wild how much of today’s cookie UX mess was an accidental regulatory artifact, not deliberate design.

Curious from your perspective: what do you think the EU's real motivation was behind mandating consent banners instead of pushing for proper browser-level control?

And second: what kind of pressure (technical, political, economic) would it actually take for the EU to update the rules to allow something cleaner now?

Would love to hear your take, since it sounds like you've seen how these decisions happen from inside.

legitster•9mo ago
If you actually work through the privacy directives with a legal team, which is something I have done for nearly a decade, the law itself has several self-contradictions and unresolved problems. How do you retain someone's choice for privacy without remembering who they are? How do you serve data in a TCP network without revealing an IP address? What constitutes clear opt-in language? If we don't sell to Europeans, do we still have to comply?

The European Commission very proudly does not work with lobbyists, and in this case it shows that they did not consult anyone technical. I think they were just not aware of a browser-level solution and put all of the compliance on individual companies.

While the banners seem a given now, in 2017 when we first started planning for GDPR nobody had a clue how to resolve all of the questions. And at the time the European Commission was also telegraphing very hard that they were going to be resolving most of these questions with case law - none of us wanted to deal with a lawsuit from the EU, so the most obvious thing became do what everyone else does, don't stand out, and wait for some future resolution.

I don't know if there's a fix. This is simply how EU regulators like to work - in the US we like laws that are black and white and apply equally to everyone (or at least have traditionally). And in the EU they like a bit more squishiness - let member countries interpret things a bit differently and build individual cases on only the bad actors. And you see this attitude when working with lawyers from the respective regions.

zak-mandhro•9mo ago
This is incredible perspective — seriously, thank you for sharing it.

It’s fascinating (and honestly a little tragic) that a lot of the cookie chaos comes down to basic unsolved problems like "how do you remember privacy without remembering identity?" — fundamental contradictions nobody could easily patch.

It really hits home what you said about the EU approach: case-by-case "squishy" regulation vs hard-coded universal rules.

Makes me wonder if any browser-led technical solution would just end up becoming de facto case law too — basically "Chrome/Firefox/Brave do it this way, so it becomes the norm," even if regulators never mandate it formally.

If you had a magic wand: would you push for a formal browser-level privacy protocol now, or is the better play just to keep tightening enforcement against the worst actors and let good practices spread organically?

skydhash•9mo ago
> It’s fascinating (and honestly a little tragic) that a lot of the cookie chaos comes down to basic unsolved problems like "how do you remember privacy without remembering identity?"

That's an easy answer: Do not store anything that will infringe on people's privacy for anything that's not the intended feature people use. If I' visiting an ecommerce site, there's nothing that warrants Google being aware of which product I'm clicking on.

zak-mandhro•9mo ago
100% agreed on the core principle — "only collect what you actually need for the feature the user is engaging with."

The frustrating part is that so much of modern web infrastructure (ad networks, analytics, personalization layers) depends on quietly hoovering up far more than the feature strictly requires.

I sometimes wonder: if browsers enforced "functional data collection only" as a technical baseline — like enforcing CORS or CSP today — how much of the tracking economy would collapse overnight?

Curious if you think real technical enforcement (browser-level) is the way forward, or if we’re stuck waiting for another round of slow, partial regulation.

Flundstrom2•9mo ago
There is already one important implementation that is basically ignored nowadays. But if EU would enforce the use of Do-Not-Track and your proposal there would be quite a movement.

However, "cookie" should be interpreted pretty liberal, to cover state storage and tracking in general.

zak-mandhro•9mo ago
Totally agree — "Do-Not-Track" was a great idea, but without real enforcement it became a polite suggestion nobody listened to.

I also completely agree that "cookie" should be interpreted broadly — not just literal HTTP cookies, but any client-side tracking (localStorage, IndexedDB, fingerprinting, etc).

If enforcement actually happened at the storage and tracking level, and browsers had native consent handling, the entire dynamic between users and websites would shift dramatically.

Curious — in your view, would it be better for the EU (or regulators) to issue a technical specification for how consent enforcement should work? Or just mandate the outcome and leave it to browser vendors to figure out? (Feels like that choice matters a lot for real adoption.)

solardev•9mo ago
You're trying to apply a technological solution to a financial problem. It won't work because the web, and especially Google, depends on advertising and tracking to survive. They'll never agree to anything that kills their business.

Websites generally aren't made with the user in mind. More often than not, users aren't customers to be served, just eyeballs to be monetized. Safari and Firefox can't do anything without Chrome; it'll just be another stillborn effort like DNT.

The other browsers you mentioned are just Chrome derivatives. They still depend on Google.

Nothing will change unless Google is forced to divest Chrome and some non advertising company buys it.

zak-mandhro•9mo ago
Just to clarify a bit on browser engines: - Safari runs on WebKit, an independent rendering engine maintained by Apple. - Firefox runs on Gecko (specifically the newer Quantum version), which is fully independent and maintained by Mozilla. - Chrome, Brave, Edge, Opera, and most others run on Blink, which is Google’s fork of WebKit.

So while it’s true that many browsers today are Chromium derivatives, Safari and Firefox are not — they operate their own engines and could, in theory, push independent privacy standards without Google’s blessing.

Also important to note: Because Apple requires all iOS browsers to use WebKit under the hood (even "Chrome" and "Firefox" on iPhone), any browser-native privacy feature Apple implements through WebKit would effectively apply to all browsers on iPhones and iPads by default.

That’s a much bigger user base impact than just Safari desktop users.

That said, you’re absolutely right about the broader market power problem: - Chrome controls ~65% of browser usage worldwide. - Many web developers treat Chrome as the de facto standard when building sites. - Anything Safari or Firefox introduce has a harder uphill climb unless it becomes incredibly popular with users and gets picked up by regulators.

The fight here isn’t just technical — it’s economic and cultural too.

Still, I think it’s worth trying. Even small pressure can move norms over time, especially with user frustration around tracking being so high right now.

Appreciate you raising it — it’s a critical part of the puzzle.

endore8_•9mo ago
I 100% agree with your point, and hope we will see that one day.