frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

TOSTracker – The AI Training Asymmetry

https://tostracker.app/analysis/ai-training
1•tldrthelaw•2m ago•0 comments

The Devil Inside GitHub

https://blog.melashri.net/micro/github-devil/
1•elashri•3m ago•0 comments

Show HN: Distill – Migrate LLM agents from expensive to cheap models

https://github.com/ricardomoratomateos/distill
1•ricardomorato•3m ago•0 comments

Show HN: Sigma Runtime – Maintaining 100% Fact Integrity over 120 LLM Cycles

https://github.com/sigmastratum/documentation/tree/main/sigma-runtime/SR-053
1•teugent•3m ago•0 comments

Make a local open-source AI chatbot with access to Fedora documentation

https://fedoramagazine.org/how-to-make-a-local-open-source-ai-chatbot-who-has-access-to-fedora-do...
1•jadedtuna•4m ago•0 comments

Introduce the Vouch/Denouncement Contribution Model by Mitchellh

https://github.com/ghostty-org/ghostty/pull/10559
1•samtrack2019•5m ago•0 comments

Software Factories and the Agentic Moment

https://factory.strongdm.ai/
1•mellosouls•5m ago•1 comments

The Neuroscience Behind Nutrition for Developers and Founders

https://comuniq.xyz/post?t=797
1•01-_-•5m ago•0 comments

Bang bang he murdered math {the musical } (2024)

https://taylor.town/bang-bang
1•surprisetalk•5m ago•0 comments

A Night Without the Nerds – Claude Opus 4.6, Field-Tested

https://konfuzio.com/en/a-night-without-the-nerds-claude-opus-4-6-in-the-field-test/
1•konfuzio•8m ago•0 comments

Could ionospheric disturbances influence earthquakes?

https://www.kyoto-u.ac.jp/en/research-news/2026-02-06-0
1•geox•9m ago•0 comments

SpaceX's next astronaut launch for NASA is officially on for Feb. 11 as FAA clea

https://www.space.com/space-exploration/launches-spacecraft/spacexs-next-astronaut-launch-for-nas...
1•bookmtn•10m ago•0 comments

Show HN: One-click AI employee with its own cloud desktop

https://cloudbot-ai.com
1•fainir•13m ago•0 comments

Show HN: Poddley – Search podcasts by who's speaking

https://poddley.com
1•onesandofgrain•13m ago•0 comments

Same Surface, Different Weight

https://www.robpanico.com/articles/display/?entry_short=same-surface-different-weight
1•retrocog•16m ago•0 comments

The Rise of Spec Driven Development

https://www.dbreunig.com/2026/02/06/the-rise-of-spec-driven-development.html
2•Brajeshwar•20m ago•0 comments

The first good Raspberry Pi Laptop

https://www.jeffgeerling.com/blog/2026/the-first-good-raspberry-pi-laptop/
3•Brajeshwar•20m ago•0 comments

Seas to Rise Around the World – But Not in Greenland

https://e360.yale.edu/digest/greenland-sea-levels-fall
2•Brajeshwar•20m ago•0 comments

Will Future Generations Think We're Gross?

https://chillphysicsenjoyer.substack.com/p/will-future-generations-think-were
1•crescit_eundo•24m ago•1 comments

State Department will delete Xitter posts from before Trump returned to office

https://www.npr.org/2026/02/07/nx-s1-5704785/state-department-trump-posts-x
2•righthand•27m ago•1 comments

Show HN: Verifiable server roundtrip demo for a decision interruption system

https://github.com/veeduzyl-hue/decision-assistant-roundtrip-demo
1•veeduzyl•28m ago•0 comments

Impl Rust – Avro IDL Tool in Rust via Antlr

https://www.youtube.com/watch?v=vmKvw73V394
1•todsacerdoti•28m ago•0 comments

Stories from 25 Years of Software Development

https://susam.net/twenty-five-years-of-computing.html
3•vinhnx•29m ago•0 comments

minikeyvalue

https://github.com/commaai/minikeyvalue/tree/prod
3•tosh•33m ago•0 comments

Neomacs: GPU-accelerated Emacs with inline video, WebKit, and terminal via wgpu

https://github.com/eval-exec/neomacs
1•evalexec•38m ago•0 comments

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

https://moli-green.is/
2•ShinyaKoyano•42m ago•1 comments

How I grow my X presence?

https://www.reddit.com/r/GrowthHacking/s/UEc8pAl61b
2•m00dy•44m ago•0 comments

What's the cost of the most expensive Super Bowl ad slot?

https://ballparkguess.com/?id=5b98b1d3-5887-47b9-8a92-43be2ced674b
1•bkls•44m ago•0 comments

What if you just did a startup instead?

https://alexaraki.substack.com/p/what-if-you-just-did-a-startup
5•okaywriting•51m ago•0 comments

Hacking up your own shell completion (2020)

https://www.feltrac.co/environment/2020/01/18/build-your-own-shell-completion.html
2•todsacerdoti•54m ago•0 comments
Open in hackernews

New VPN Service Can't Log Users by Design

https://torrentfreak.com/new-vpn-service-cant-log-users-by-design/
17•882542F3884314B•7mo ago

Comments

phillipseamore•7mo ago
Obscura.net seems to have a simpler and more secure solution than this
rasengan•7mo ago
Obscura looks like it's a double hop system which lacks verification and is based on trust. All it takes is collusion of 2 persons to break this "security" model.

Trust, a non constant, has no place in a security architecture.

Don't trust, verify.

phillipseamore•7mo ago
It seems I have to place the same trust in vp.net, a green check mark in the client is still just a promise of verification to (most) users and under control of the same entity. I finally found links on vp.net to source but it has no public repos https://github.com/vpdotnet.
eGQjxkKF6fif•7mo ago
Check the client debug logs mine has the verification for the enclaves in it although I'm on an intel i3 but that makes sense for Intel's remote attestation that its verifying the enclave's unique hash and showing the MRENCLAVE hexes of the expected result.
phillipseamore•7mo ago
But without the source being available you still need to trust vp.net to be providing the correct hash to compare to, right?
eGQjxkKF6fif•7mo ago
Intel's remote attestation verifies that, with the hash you can use Intel's remote API which is what the client is doing, Intel gets the hash the server sends, verifies it using their encrypted key set and then tells the client that it's valid and verified. Not all processors have SGX capability to verify the hash. Intel provides tools to do the manual verification if you utilize SGX

https://www.intel.com/content/www/us/en/developer/tools/soft...

So you can verify locally and Intel's API also does the verification.

When an SGX Encalve is created, the private key to it goes within it, it can't be accessed. That's the security.

It's a good read if you look in to the tech on Intel's website.

phillipseamore•7mo ago
It verifies that something is running in the enclave. Without the source you can't hash it yourself (don't need an SGX capable system for that, just the SDK) to verify that it's the actual code running.
eGQjxkKF6fif•7mo ago
it would be verifying that WireGuard (https://www.wireguard.com/repositories/) is within the enclave, yeah?
phillipseamore•7mo ago
Have no idea since there isn't any code available for review. Technically what's running in SGX could just be what's enough for it to attest to it's existence [sidenote: how can I be sure this is even the SGX handling my connection and not just any SGX?]. I really like this idea but even if the code was available most users are still just trusting vp.net (won't be doing their own verification [and doing it everytime the hash has changed] but trusting vp.net's own claims in their own client, it's similar to the criticism of many E2EE messaging solutions, everything might be fine over the wire but I'm trusting their client not to collect or transmit anything before encryption or after decryption). If I could build my own client and lock it down to a hash of published SGX code then I'd be happier, or perhaps if an external party would handle the verification. Looking forward to explore this better when any code is made available.
ZBalas•7mo ago
Not that this makes it more safe... But I've been using VPNET for a month and it works well. Midwest. West Coast. Even in Mexico.
GhostGhillie•7mo ago
Nice breakdown. Less trust the better. Seems obvious
johnnyHacker•7mo ago
I heard the CIA uses SGX Enclaves too???
eGQjxkKF6fif•7mo ago
Trying it out, so far so good. Worked on my mangled Linux install.

I have and have been using Proton VPN which the free version. If you use it for bittorrent, even to download a Linux ISO which is what I did, will straight up DNS hijack you and feed you a web page instead of the web page you're looking at to scream at you that BitTorrent is only allowed if you're a paying subscriber.

So.. that means they can just access and re-route your traffic however they want and make you see whatever they want.

Fascinating use for SGX Enclave tech, I see in the client debug logs show API hits that do the verification. I'm on an intel i3 with gigabit connection and am pulling 800mbps up/down.

phillipseamore•7mo ago
I've been checking everyday if https://github.com/vpdotnet has started to publish any code so that the "verify" part of their claims can be... well verified. Still nothing there.
phillipseamore•7mo ago
Another week and still no code released so still nothing can be verified about their claims.
phillipseamore•6mo ago
And another week passes by. Just now the client has been released https://github.com/vpdotnet/vpnet-desktop but still nothing released that enables us to verify claims about security.