frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

GPT-5.3-Codex System Card [pdf]

https://cdn.openai.com/pdf/23eca107-a9b1-4d2c-b156-7deb4fbc697c/GPT-5-3-Codex-System-Card-02.pdf
1•tosh•4m ago•0 comments

Atlas: Manage your database schema as code

https://github.com/ariga/atlas
1•quectophoton•7m ago•0 comments

Geist Pixel

https://vercel.com/blog/introducing-geist-pixel
1•helloplanets•10m ago•0 comments

Show HN: MCP to get latest dependency package and tool versions

https://github.com/MShekow/package-version-check-mcp
1•mshekow•18m ago•0 comments

The better you get at something, the harder it becomes to do

https://seekingtrust.substack.com/p/improving-at-writing-made-me-almost
2•FinnLobsien•19m ago•0 comments

Show HN: WP Float – Archive WordPress blogs to free static hosting

https://wpfloat.netlify.app/
1•zizoulegrande•21m ago•0 comments

Show HN: I Hacked My Family's Meal Planning with an App

https://mealjar.app
1•melvinzammit•21m ago•0 comments

Sony BMG copy protection rootkit scandal

https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal
1•basilikum•24m ago•0 comments

The Future of Systems

https://novlabs.ai/mission/
2•tekbog•24m ago•1 comments

NASA now allowing astronauts to bring their smartphones on space missions

https://twitter.com/NASAAdmin/status/2019259382962307393
2•gbugniot•29m ago•0 comments

Claude Code Is the Inflection Point

https://newsletter.semianalysis.com/p/claude-code-is-the-inflection-point
3•throwaw12•30m ago•1 comments

Show HN: MicroClaw – Agentic AI Assistant for Telegram, Built in Rust

https://github.com/microclaw/microclaw
1•everettjf•31m ago•2 comments

Show HN: Omni-BLAS – 4x faster matrix multiplication via Monte Carlo sampling

https://github.com/AleatorAI/OMNI-BLAS
1•LowSpecEng•31m ago•1 comments

The AI-Ready Software Developer: Conclusion – Same Game, Different Dice

https://codemanship.wordpress.com/2026/01/05/the-ai-ready-software-developer-conclusion-same-game...
1•lifeisstillgood•33m ago•0 comments

AI Agent Automates Google Stock Analysis from Financial Reports

https://pardusai.org/view/54c6646b9e273bbe103b76256a91a7f30da624062a8a6eeb16febfe403efd078
1•JasonHEIN•37m ago•0 comments

Voxtral Realtime 4B Pure C Implementation

https://github.com/antirez/voxtral.c
2•andreabat•39m ago•1 comments

I Was Trapped in Chinese Mafia Crypto Slavery [video]

https://www.youtube.com/watch?v=zOcNaWmmn0A
2•mgh2•45m ago•0 comments

U.S. CBP Reported Employee Arrests (FY2020 – FYTD)

https://www.cbp.gov/newsroom/stats/reported-employee-arrests
1•ludicrousdispla•47m ago•0 comments

Show HN: I built a free UCP checker – see if AI agents can find your store

https://ucphub.ai/ucp-store-check/
2•vladeta•52m ago•1 comments

Show HN: SVGV – A Real-Time Vector Video Format for Budget Hardware

https://github.com/thealidev/VectorVision-SVGV
1•thealidev•54m ago•0 comments

Study of 150 developers shows AI generated code no harder to maintain long term

https://www.youtube.com/watch?v=b9EbCb5A408
1•lifeisstillgood•54m ago•0 comments

Spotify now requires premium accounts for developer mode API access

https://www.neowin.net/news/spotify-now-requires-premium-accounts-for-developer-mode-api-access/
1•bundie•57m ago•0 comments

When Albert Einstein Moved to Princeton

https://twitter.com/Math_files/status/2020017485815456224
1•keepamovin•58m ago•0 comments

Agents.md as a Dark Signal

https://joshmock.com/post/2026-agents-md-as-a-dark-signal/
2•birdculture•1h ago•0 comments

System time, clocks, and their syncing in macOS

https://eclecticlight.co/2025/05/21/system-time-clocks-and-their-syncing-in-macos/
1•fanf2•1h ago•0 comments

McCLIM and 7GUIs – Part 1: The Counter

https://turtleware.eu/posts/McCLIM-and-7GUIs---Part-1-The-Counter.html
2•ramenbytes•1h ago•0 comments

So whats the next word, then? Almost-no-math intro to transformer models

https://matthias-kainer.de/blog/posts/so-whats-the-next-word-then-/
1•oesimania•1h ago•0 comments

Ed Zitron: The Hater's Guide to Microsoft

https://bsky.app/profile/edzitron.com/post/3me7ibeym2c2n
2•vintagedave•1h ago•1 comments

UK infants ill after drinking contaminated baby formula of Nestle and Danone

https://www.bbc.com/news/articles/c931rxnwn3lo
1•__natty__•1h ago•0 comments

Show HN: Android-based audio player for seniors – Homer Audio Player

https://homeraudioplayer.app
3•cinusek•1h ago•2 comments
Open in hackernews

Meta pauses mobile port tracking tech on Android after researchers cry foul

https://www.theregister.com/2025/06/03/meta_pauses_android_tracking_tech/
138•coloneltcb•8mo ago

Comments

gnabgib•8mo ago
Discussion (251 points, 11 hours ago, 198 comments) https://news.ycombinator.com/item?id=44169115
JadeNB•8mo ago
> "We are in discussions with Google to address a potential miscommunication regarding the application of their policies," a Meta spokesperson told The Register. "Upon becoming aware of the concerns, we decided to pause the feature while we work with Google to resolve the issue."

Ah, good, so it was all an innocent miscommunication, certainly not Meta hoovering up whatever they thought they could get away with.

ryandrake•8mo ago
Not just a miscommunication... a potential miscommunication!
djhn•8mo ago
A potential miscommunication about a feature that may have had unintended consequences.

No, wait, claims of intent are falsifiable in discovery.

9283409232•8mo ago
This is a PR statement because they got caught with their hand in the cookie jar. Same company that makes shadow profiles for people who have never used their services.
thayne•8mo ago
It seems to me like a non-localhost site making requests to localhost, or a link-local address should require a permission granted by the user.
SchemaLoad•8mo ago
On MacOS and probably iOS it does. You get a popup that the application wants to access other devices on the network. Unfortunately it's not really clear to the user what this means and if the app is asking it for legitimate reasons or for spyware.
ycombinatrix•8mo ago
I have seen this pop-up many times, and not once has it been for a legitimate reason. Every site worked just fine without the permission.
morkalork•8mo ago
Seriously, what's even the point of having firewalls or NAT if you're going to let any external website just start opening up arbitrary connections to localhost? Is something embedded on the page for foobar.com any more trust worthy than a random IP trying to open a connection?
skybrian•8mo ago
It’s not a meaningful permission. Even if they know what “localhost” means, most users have no idea which servers are running on localhost on each of their devices, so they don’t know the risks.

This needs to be higher level: “can website A connect to app B?”

thayne•8mo ago
> Even if they know what “localhost” means, most users have no idea which servers are running on localhost on each of their devices, so they don’t know the risks.

It could be worded as something like "connect to applications running on your device". And yeah, users probably don't know what things that might be, but that is why it is a scary permission, and almost all websites don't need it, and if you really do need it, you should be able to explain to the user why you need to talk to a local process, and you probably also need the user to install specific software.

> This needs to be higher level: “can website A connect to app B?”

Unfortunately, on at least some OSes, this isn't really possible. You don't connect to an app, you connect to a port, and there isn't always a way to know what is on the other side. Especially if this is something on your local network, not localhost. You could ask about a specific host/port combination, but most users won't have any idea what that means.

mmastrac•8mo ago
I haven't had Facebook or Instagram apps installed on anything but a burner phone for half a decade and I'm happy about that decision.

Unfortunately I can't get rid of WhatsApp, but I hope it was immune to this.

93po•8mo ago
if you use a burner phone i would imagine three letter agencies can still figure out it's you really easily through metadata alone. if they can see all the numbers you call and text over years then they can probably piece together who you are pretty easily
ycombinatrix•8mo ago
They are hiding from Facebook surveillance, they are not evading the NSA
IAmGraydon•8mo ago
Being surprised about this is like hanging out with Jeffrey Dahmer and being surprised when he kills you and turns you into a lamp for his living room table. Privacy violation is not just something that happens at Meta. It is literally their business model. It's what they do. It therefore follows that they will do it in every possible way that they can get away with under the law, and possibly in some ways that they can't. If this is something that you dislike, the only sensible move is to close your account and delete the app.
philistine•8mo ago
You’re mixing your serial killers. Dahmer didn’t make furniture, he intended to make a shrine he never quite finished.
udev4096•8mo ago
It's also surprising how most of the new cs grads have little to no ethics for working at such dishonest corp
xk_id•8mo ago
Exactly, and there’s no wording I can imagine coming from the manager who requested this, which wouldn’t make it sound like the plain abuse that it is. But the guys who obeyed the manager and implemented it didn’t care. The mentality of parasites.
sdk16420•8mo ago
High 5 figure salaries can bribe ethics, especially if the engineers are on a Green card
ycombinatrix•8mo ago
>Being surprised about this is like hanging out with Jeffrey Dahmer and being surprised when he kills

I have a choice between Google brand Dahmer & Apple brand Dahmer, what do I do?

chmod775•8mo ago
Still the same Facebook from 2004, despite the name change.

It's nice they're giving us annual reminders they're still scumbags.

xk_id•8mo ago
They literally pay engineers to come up with crazy grey hat techniques to monitor people’s online activity. And those scumbags are probably HN users. It’s sinister. I wonder about the wording used by the manager behind it. It probably sounded plain evil and nobody who worked on it cared. It makes you wonder what else those parasites do that we haven’t discovered yet.
dvfjsdhgfv•8mo ago
I heard many excuses from some of them.

* If I don't do it, someone else will.

* Don't be naive, everybody is doing it.

* Well, one has to support one's family.

* C'mon, we're not actually hurting anyone. Did opening this port actually hurt you?

And so on.

leoh•8mo ago
Concerning that Android allows this — there are worse folks than meta that would exploit this
isodev•8mo ago
It seems a happy coincidence the exploit wasn’t that effective on iOS. There are legitimate reasons for all the technologies involved to exist, but thanks to Meta we can’t have nice things.
ycombinatrix•8mo ago
This is by design. Why do you think we still don't have a per-app network toggle? Android is built & released by a surveillance company.
93po•8mo ago
lmao at "a potential miscommunication regarding the application of their policies"

"Essentially, by opening localhost ports that allow their Android apps to receive tracking data, such as cookies and browser metadata, from scripts running in mobile browsers, Meta and Yandex are able to bypass common privacy safeguards like cookie clearing, Incognito Mode, and Android's app permission system."

completely bypassing all permission systems and using what is literally just a security vulnerability is definitely not a miscommunication of policies

Refreeze5224•8mo ago
If I found an application by some random developer, whose purpose was completely unrelated, doing this, I would categorize it as malware, or spyware at the very least.

By Facebook does it, and it's a "miscommunication." I have personally considered them a surveillance, and therefore spyware company, for years. I hope more people will realize it. Especially all people right here on HN who work for Facebook, and Google as well. Please realize what you're doing is wrong, and damaging, and that you should work somewhere else doing something less objectively harmful.