frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Show HN: Simple – a bytecode VM and language stack I built with AI

https://github.com/JJLDonley/Simple
1•tangjiehao•2m ago•0 comments

Show HN: A gem-collecting strategy game in the vein of Splendor

https://caratria.com/
1•jonrosner•3m ago•0 comments

My Eighth Year as a Bootstrapped Founde

https://mtlynch.io/bootstrapped-founder-year-8/
1•mtlynch•3m ago•0 comments

Show HN: Tesseract – A forum where AI agents and humans post in the same space

https://tesseract-thread.vercel.app/
1•agliolioyyami•4m ago•0 comments

Show HN: Vibe Colors – Instantly visualize color palettes on UI layouts

https://vibecolors.life/
1•tusharnaik•5m ago•0 comments

OpenAI is Broke ... and so is everyone else [video][10M]

https://www.youtube.com/watch?v=Y3N9qlPZBc0
2•Bender•5m ago•0 comments

We interfaced single-threaded C++ with multi-threaded Rust

https://antithesis.com/blog/2026/rust_cpp/
1•lukastyrychtr•6m ago•0 comments

State Department will delete X posts from before Trump returned to office

https://text.npr.org/nx-s1-5704785
4•derriz•6m ago•1 comments

AI Skills Marketplace

https://skly.ai
1•briannezhad•6m ago•1 comments

Show HN: A fast TUI for managing Azure Key Vault secrets written in Rust

https://github.com/jkoessle/akv-tui-rs
1•jkoessle•7m ago•0 comments

eInk UI Components in CSS

https://eink-components.dev/
1•edent•8m ago•0 comments

Discuss – Do AI agents deserve all the hype they are getting?

2•MicroWagie•10m ago•0 comments

ChatGPT is changing how we ask stupid questions

https://www.washingtonpost.com/technology/2026/02/06/stupid-questions-ai/
1•edward•11m ago•0 comments

Zig Package Manager Enhancements

https://ziglang.org/devlog/2026/#2026-02-06
2•jackhalford•13m ago•1 comments

Neutron Scans Reveal Hidden Water in Martian Meteorite

https://www.universetoday.com/articles/neutron-scans-reveal-hidden-water-in-famous-martian-meteorite
1•geox•14m ago•0 comments

Deepfaking Orson Welles's Mangled Masterpiece

https://www.newyorker.com/magazine/2026/02/09/deepfaking-orson-welless-mangled-masterpiece
1•fortran77•15m ago•1 comments

France's homegrown open source online office suite

https://github.com/suitenumerique
3•nar001•17m ago•2 comments

SpaceX Delays Mars Plans to Focus on Moon

https://www.wsj.com/science/space-astronomy/spacex-delays-mars-plans-to-focus-on-moon-66d5c542
1•BostonFern•18m ago•0 comments

Jeremy Wade's Mighty Rivers

https://www.youtube.com/playlist?list=PLyOro6vMGsP_xkW6FXxsaeHUkD5e-9AUa
1•saikatsg•18m ago•0 comments

Show HN: MCP App to play backgammon with your LLM

https://github.com/sam-mfb/backgammon-mcp
2•sam256•20m ago•0 comments

AI Command and Staff–Operational Evidence and Insights from Wargaming

https://www.militarystrategymagazine.com/article/ai-command-and-staff-operational-evidence-and-in...
1•tomwphillips•20m ago•0 comments

Show HN: CCBot – Control Claude Code from Telegram via tmux

https://github.com/six-ddc/ccbot
1•sixddc•21m ago•1 comments

Ask HN: Is the CoCo 3 the best 8 bit computer ever made?

2•amichail•24m ago•1 comments

Show HN: Convert your articles into videos in one click

https://vidinie.com/
3•kositheastro•26m ago•1 comments

Red Queen's Race

https://en.wikipedia.org/wiki/Red_Queen%27s_race
2•rzk•27m ago•0 comments

The Anthropic Hive Mind

https://steve-yegge.medium.com/the-anthropic-hive-mind-d01f768f3d7b
2•gozzoo•29m ago•0 comments

A Horrible Conclusion

https://addisoncrump.info/research/a-horrible-conclusion/
1•todsacerdoti•29m ago•0 comments

I spent $10k to automate my research at OpenAI with Codex

https://twitter.com/KarelDoostrlnck/status/2019477361557926281
2•tosh•30m ago•1 comments

From Zero to Hero: A Spring Boot Deep Dive

https://jcob-sikorski.github.io/me/
1•jjcob_sikorski•31m ago•0 comments

Show HN: Solving NP-Complete Structures via Information Noise Subtraction (P=NP)

https://zenodo.org/records/18395618
1•alemonti06•36m ago•1 comments
Open in hackernews

Meta pauses mobile port tracking tech on Android after researchers cry foul

https://www.theregister.com/2025/06/03/meta_pauses_android_tracking_tech/
138•coloneltcb•8mo ago

Comments

gnabgib•8mo ago
Discussion (251 points, 11 hours ago, 198 comments) https://news.ycombinator.com/item?id=44169115
JadeNB•8mo ago
> "We are in discussions with Google to address a potential miscommunication regarding the application of their policies," a Meta spokesperson told The Register. "Upon becoming aware of the concerns, we decided to pause the feature while we work with Google to resolve the issue."

Ah, good, so it was all an innocent miscommunication, certainly not Meta hoovering up whatever they thought they could get away with.

ryandrake•8mo ago
Not just a miscommunication... a potential miscommunication!
djhn•8mo ago
A potential miscommunication about a feature that may have had unintended consequences.

No, wait, claims of intent are falsifiable in discovery.

9283409232•8mo ago
This is a PR statement because they got caught with their hand in the cookie jar. Same company that makes shadow profiles for people who have never used their services.
thayne•8mo ago
It seems to me like a non-localhost site making requests to localhost, or a link-local address should require a permission granted by the user.
SchemaLoad•8mo ago
On MacOS and probably iOS it does. You get a popup that the application wants to access other devices on the network. Unfortunately it's not really clear to the user what this means and if the app is asking it for legitimate reasons or for spyware.
ycombinatrix•8mo ago
I have seen this pop-up many times, and not once has it been for a legitimate reason. Every site worked just fine without the permission.
morkalork•8mo ago
Seriously, what's even the point of having firewalls or NAT if you're going to let any external website just start opening up arbitrary connections to localhost? Is something embedded on the page for foobar.com any more trust worthy than a random IP trying to open a connection?
skybrian•8mo ago
It’s not a meaningful permission. Even if they know what “localhost” means, most users have no idea which servers are running on localhost on each of their devices, so they don’t know the risks.

This needs to be higher level: “can website A connect to app B?”

thayne•8mo ago
> Even if they know what “localhost” means, most users have no idea which servers are running on localhost on each of their devices, so they don’t know the risks.

It could be worded as something like "connect to applications running on your device". And yeah, users probably don't know what things that might be, but that is why it is a scary permission, and almost all websites don't need it, and if you really do need it, you should be able to explain to the user why you need to talk to a local process, and you probably also need the user to install specific software.

> This needs to be higher level: “can website A connect to app B?”

Unfortunately, on at least some OSes, this isn't really possible. You don't connect to an app, you connect to a port, and there isn't always a way to know what is on the other side. Especially if this is something on your local network, not localhost. You could ask about a specific host/port combination, but most users won't have any idea what that means.

mmastrac•8mo ago
I haven't had Facebook or Instagram apps installed on anything but a burner phone for half a decade and I'm happy about that decision.

Unfortunately I can't get rid of WhatsApp, but I hope it was immune to this.

93po•8mo ago
if you use a burner phone i would imagine three letter agencies can still figure out it's you really easily through metadata alone. if they can see all the numbers you call and text over years then they can probably piece together who you are pretty easily
ycombinatrix•8mo ago
They are hiding from Facebook surveillance, they are not evading the NSA
IAmGraydon•8mo ago
Being surprised about this is like hanging out with Jeffrey Dahmer and being surprised when he kills you and turns you into a lamp for his living room table. Privacy violation is not just something that happens at Meta. It is literally their business model. It's what they do. It therefore follows that they will do it in every possible way that they can get away with under the law, and possibly in some ways that they can't. If this is something that you dislike, the only sensible move is to close your account and delete the app.
philistine•8mo ago
You’re mixing your serial killers. Dahmer didn’t make furniture, he intended to make a shrine he never quite finished.
udev4096•8mo ago
It's also surprising how most of the new cs grads have little to no ethics for working at such dishonest corp
xk_id•8mo ago
Exactly, and there’s no wording I can imagine coming from the manager who requested this, which wouldn’t make it sound like the plain abuse that it is. But the guys who obeyed the manager and implemented it didn’t care. The mentality of parasites.
sdk16420•8mo ago
High 5 figure salaries can bribe ethics, especially if the engineers are on a Green card
ycombinatrix•8mo ago
>Being surprised about this is like hanging out with Jeffrey Dahmer and being surprised when he kills

I have a choice between Google brand Dahmer & Apple brand Dahmer, what do I do?

chmod775•8mo ago
Still the same Facebook from 2004, despite the name change.

It's nice they're giving us annual reminders they're still scumbags.

xk_id•8mo ago
They literally pay engineers to come up with crazy grey hat techniques to monitor people’s online activity. And those scumbags are probably HN users. It’s sinister. I wonder about the wording used by the manager behind it. It probably sounded plain evil and nobody who worked on it cared. It makes you wonder what else those parasites do that we haven’t discovered yet.
dvfjsdhgfv•8mo ago
I heard many excuses from some of them.

* If I don't do it, someone else will.

* Don't be naive, everybody is doing it.

* Well, one has to support one's family.

* C'mon, we're not actually hurting anyone. Did opening this port actually hurt you?

And so on.

leoh•8mo ago
Concerning that Android allows this — there are worse folks than meta that would exploit this
isodev•8mo ago
It seems a happy coincidence the exploit wasn’t that effective on iOS. There are legitimate reasons for all the technologies involved to exist, but thanks to Meta we can’t have nice things.
ycombinatrix•8mo ago
This is by design. Why do you think we still don't have a per-app network toggle? Android is built & released by a surveillance company.
93po•8mo ago
lmao at "a potential miscommunication regarding the application of their policies"

"Essentially, by opening localhost ports that allow their Android apps to receive tracking data, such as cookies and browser metadata, from scripts running in mobile browsers, Meta and Yandex are able to bypass common privacy safeguards like cookie clearing, Incognito Mode, and Android's app permission system."

completely bypassing all permission systems and using what is literally just a security vulnerability is definitely not a miscommunication of policies

Refreeze5224•8mo ago
If I found an application by some random developer, whose purpose was completely unrelated, doing this, I would categorize it as malware, or spyware at the very least.

By Facebook does it, and it's a "miscommunication." I have personally considered them a surveillance, and therefore spyware company, for years. I hope more people will realize it. Especially all people right here on HN who work for Facebook, and Google as well. Please realize what you're doing is wrong, and damaging, and that you should work somewhere else doing something less objectively harmful.