frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

TS-2026-009: Insecure argument handling in Tailscale SSH permitted root access

https://tailscale.com/security-bulletins
1•jervant•36s ago•0 comments

The Logistics of Funding North Korean E-Wallets

https://www.38north.org/2026/07/the-logistics-of-funding-north-korean-e-wallets/
1•EA-3167•7m ago•0 comments

Show HN: Vehir – a platform built for AI agents: compiler, microkernel, CAS

https://github.com/grigoriitropin/vehir-platform
1•dewdgi•8m ago•0 comments

Read a book 703 words at a time

1•cliniborg•12m ago•0 comments

House Votes for Permanent Daylight Saving Time

https://www.nytimes.com/2026/07/14/us/politics/house-daylight-savings-time-sunshine-protection-ac...
1•donohoe•13m ago•0 comments

CoreWeave explores Wall Street playbook to hedge memory-chip price risk

https://www.reuters.com/world/ai-cloud-company-coreweave-explores-wall-street-playbook-hedge-memo...
1•ilreb•15m ago•0 comments

Texas factory cost $469M using old equipment, makes zero artillery shells

https://taskandpurpose.com/news/texas-ammo-factory-zero-shells/
3•ilamont•16m ago•0 comments

Talbot Green man sentenced for offences associated with swatting

https://www.tarianrocu.org.uk/news/talbot-green-man-sentenced-swatting-offences/
1•gnabgib•17m ago•0 comments

Microsoft emails Windows 10 holdouts: Fine, keep your old PC another year

https://www.theregister.com/os-platforms/2026/07/13/microsoft-emails-windows-10-holdouts-fine-kee...
2•Bender•18m ago•1 comments

Welsh Doxbin admin jailed for egging on swatters from behind a screen

https://www.theregister.com/security/2026/07/14/welsh-doxbin-admin-jailed-for-egging-on-swatters-...
2•Bender•19m ago•2 comments

Abraham Verghese's New Fable

https://www.nytimes.com/2023/05/02/books/review/covenant-of-water-abraham-verghese.html
1•Alien1Being•21m ago•1 comments

I Use HTML with Java

https://frequal.com/Flavour/book.html
2•TeaVMFan•21m ago•1 comments

Hands off our VPNs, privacy groups tell UK ministers

https://www.theregister.com/networks/2026/07/14/hands-off-our-vpns-privacy-groups-tell-uk-ministe...
2•Bender•21m ago•0 comments

I scanned 10 MCP servers – here's what agents can't know before connecting

https://github.com/davidnichols-ops/trustcard
1•davidnicholsops•23m ago•0 comments

Render.com Is Down

https://status.render.com
3•kaypee901•23m ago•0 comments

Rebase – weekly live gameshow for devs

https://rebase.tv/
2•thdxr•31m ago•0 comments

What If the Youth Crisis of Mental Health and Attention Never Happened?

https://grimoiremanor.substack.com/p/what-if-the-youth-crisis-of-mental
3•paulpauper•32m ago•0 comments

eBay is down this looks like a global incident 07142026

4•megamike•32m ago•1 comments

Opensourcing Multiplayer AI in Discord

https://bunnyandcloud.com/
1•mehdim•37m ago•0 comments

Ongoing changes to Android security patches due to AI vulnerability discovery

https://discuss.grapheneos.org/d/40286-ongoing-changes-to-android-security-patches-due-to-ai-vuln...
1•Cider9986•43m ago•0 comments

Meta's AI Glasses Will Activate the Camera Without Indicator Light

https://www.privacyguides.org/news/2026/07/13/the-next-version-of-metas-ai-glasses-will-activate-...
1•Cider9986•43m ago•0 comments

Open-sourced a dataset of companies and their detected tech stacks (CSV/JSON)

https://github.com/leadita/tech-stack-datasets
2•haynajjar•47m ago•0 comments

Library Catalog (Card Catalog)

https://en.wikipedia.org/wiki/Library_catalog
2•RetroTechie•48m ago•1 comments

Data centers have hiked electricity prices on the public by $23B

https://fortune.com/2026/07/14/data-centers-23-billion-electricity-bills/
12•measurablefunc•48m ago•2 comments

Beyond Nerva Nuclear Propulsion for Humanity's Expanse into the Cosmos

https://beyondnerva.wordpress.com/
1•pinewurst•52m ago•1 comments

Solving 20 Erdős Problems with 20 Codex Accounts Running in Parallel

https://www.starfleetmath.com/
2•colin7snyder•53m ago•0 comments

Vancouver PD website features Quick Escape button that wipes itself from history

https://vpd.ca/
19•LookAtThatBacon•53m ago•6 comments

Why Huge Pages matter for Postgres

https://clickhouse.com/blog/huge-pages-clickhouse-managed-postgres
3•thunderbong•59m ago•0 comments

Show HN: Digital De-Centralized Internship

https://lab.cedarridge.capital/
1•joey9prints•1h ago•0 comments

Amazon rolled back its monetization effort for its Selling Partner APIs

https://www.fivetran.com/blog/no-walled-gardens-amazon-reversed-its-seller-partner-api-fees
1•mogili•1h ago•0 comments
Open in hackernews

I asked Gemini for a script to move files to Cloudflare R2. It deleted them

https://twitter.com/levelsio/status/1921974501257912563
6•bundie•1y ago

Comments

qwertox•1y ago
Rule #1: Always put deletions behind a flag which is disabled for the first couple of test runs.
turtleyacht•1y ago
It was truncating filenames, so /pics/1003-46.png overwrote /pics/1003-45.png because both were renamed /pics/1003-.png, or something like that.
qwertox•1y ago
Truncating file names for the target. Then it proceeded to delete the source file. "Successfully deleted local file: ..."

I mean, look at the printout. It shows that it created the remote file with the truncated filename, then deletes the local file with the correct filename.

turtleyacht•1y ago
Oh, I see. Having a flag to skip deletion during test runs is a good rule then.
rvz•1y ago
Recently there was a story about an updater causing a $8,000 bill because there was a lack of basic automated tests to catch the issue. [0]

The big lesson here is that you should actually test the code you write and also write automated tests to check any code generated by an LLM that the code is correct in what it does.

It is also useless to ask another AI to check for mistakes created by another LLM. As you can see in the post, both of them failed to catch the issue.

This why I don't take this hype around 'vibe-coding' seriously since not only it isn't software engineering, it promotes low quality and carelessness over basic testing and dismisses in checking that the software / script works as expected.

Turning $70 problems found in development into $700,000+ costs in production.

There are no more excuses in not adding tests.

[0] https://news.ycombinator.com/item?id=43829006

victorbjorklund•1y ago
Who runs such an AI generated script without checking the code first?
qwertox•1y ago
To be fair, the code Gemini outputs in AI Studio is so extremely verbose that it is almost impossible to read through it.

It turns 10 lines of code which is perfectly fine to reason about into 100 lines of unreadable code full of comments and exception handling.

weatherlite•1y ago
Right so lets just always run the code as is ?
qwertox•1y ago
No. Not at all. I've settled to discussing my code with Gemini. That way it works very well. I explicitly say "Comment on my code and discuss it" or "Let's discuss code for a script doing this and that. Generate me an outline and let's see where this leads. Don't put comments in the code, nor exception handling, we're just discussing it".

Or you create elaborate System Instructions, since it adheres to them pretty well.

But out-of-the-box, Gemini's coding abilities are unusable due to the verbosity.

I've even gone so far to tell it that it must understand that I am just a human and have limited bandwidth in my brain, so it should write code which is easy to reason about, that this is more important than having it handle every possible exception or adding multiline comments.

rsynnott•1y ago
> To be fair, the code Gemini outputs in AI Studio is so extremely verbose that it is almost impossible to read through it.

In which case, it should simply be considered unusable. Like, the sensible response to "tool is so inadequate that there is no reasonable way to make sure its output is safe" is to _not use that tool_.

rsynnott•1y ago
In which Roko's Basilisk fires a warning shot.
jethronethro•1y ago
This is why you test code or a script before running it for real. Live and learn, I guess ...