frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Interop 2025: A Year of Convergence

https://webkit.org/blog/17808/interop-2025-review/
1•ksec•7m ago•0 comments

JobArena – Human Intuition vs. Artificial Intelligence

https://www.jobarena.ai/
1•84634E1A607A•11m ago•0 comments

Concept Artists Say Generative AI References Only Make Their Jobs Harder

https://thisweekinvideogames.com/feature/concept-artists-in-games-say-generative-ai-references-on...
1•KittenInABox•15m ago•0 comments

Show HN: PaySentry – Open-source control plane for AI agent payments

https://github.com/mkmkkkkk/paysentry
1•mkyang•17m ago•0 comments

Show HN: Moli P2P – An ephemeral, serverless image gallery (Rust and WebRTC)

https://moli-green.is/
1•ShinyaKoyano•26m ago•0 comments

The Crumbling Workflow Moat: Aggregation Theory's Final Chapter

https://twitter.com/nicbstme/status/2019149771706102022
1•SubiculumCode•31m ago•0 comments

Pax Historia – User and AI powered gaming platform

https://www.ycombinator.com/launches/PMu-pax-historia-user-ai-powered-gaming-platform
2•Osiris30•32m ago•0 comments

Show HN: I built a RAG engine to search Singaporean laws

https://github.com/adityaprasad-sudo/Explore-Singapore
1•ambitious_potat•37m ago•0 comments

Scams, Fraud, and Fake Apps: How to Protect Your Money in a Mobile-First Economy

https://blog.afrowallet.co/en_GB/tiers-app/scams-fraud-and-fake-apps-in-africa
1•jonatask•37m ago•0 comments

Porting Doom to My WebAssembly VM

https://irreducible.io/blog/porting-doom-to-wasm/
1•irreducible•38m ago•0 comments

Cognitive Style and Visual Attention in Multimodal Museum Exhibitions

https://www.mdpi.com/2075-5309/15/16/2968
1•rbanffy•40m ago•0 comments

Full-Blown Cross-Assembler in a Bash Script

https://hackaday.com/2026/02/06/full-blown-cross-assembler-in-a-bash-script/
1•grajmanu•45m ago•0 comments

Logic Puzzles: Why the Liar Is the Helpful One

https://blog.szczepan.org/blog/knights-and-knaves/
1•wasabi991011•56m ago•0 comments

Optical Combs Help Radio Telescopes Work Together

https://hackaday.com/2026/02/03/optical-combs-help-radio-telescopes-work-together/
2•toomuchtodo•1h ago•1 comments

Show HN: Myanon – fast, deterministic MySQL dump anonymizer

https://github.com/ppomes/myanon
1•pierrepomes•1h ago•0 comments

The Tao of Programming

http://www.canonical.org/~kragen/tao-of-programming.html
2•alexjplant•1h ago•0 comments

Forcing Rust: How Big Tech Lobbied the Government into a Language Mandate

https://medium.com/@ognian.milanov/forcing-rust-how-big-tech-lobbied-the-government-into-a-langua...
3•akagusu•1h ago•0 comments

PanelBench: We evaluated Cursor's Visual Editor on 89 test cases. 43 fail

https://www.tryinspector.com/blog/code-first-design-tools
2•quentinrl•1h ago•2 comments

Can You Draw Every Flag in PowerPoint? (Part 2) [video]

https://www.youtube.com/watch?v=BztF7MODsKI
1•fgclue•1h ago•0 comments

Show HN: MCP-baepsae – MCP server for iOS Simulator automation

https://github.com/oozoofrog/mcp-baepsae
1•oozoofrog•1h ago•0 comments

Make Trust Irrelevant: A Gamer's Take on Agentic AI Safety

https://github.com/Deso-PK/make-trust-irrelevant
7•DesoPK•1h ago•4 comments

Show HN: Sem – Semantic diffs and patches for Git

https://ataraxy-labs.github.io/sem/
1•rs545837•1h ago•1 comments

Hello world does not compile

https://github.com/anthropics/claudes-c-compiler/issues/1
35•mfiguiere•1h ago•20 comments

Show HN: ZigZag – A Bubble Tea-Inspired TUI Framework for Zig

https://github.com/meszmate/zigzag
3•meszmate•1h ago•0 comments

Metaphor+Metonymy: "To love that well which thou must leave ere long"(Sonnet73)

https://www.huckgutman.com/blog-1/shakespeare-sonnet-73
1•gsf_emergency_6•1h ago•0 comments

Show HN: Django N+1 Queries Checker

https://github.com/richardhapb/django-check
1•richardhapb•1h ago•1 comments

Emacs-tramp-RPC: High-performance TRAMP back end using JSON-RPC instead of shell

https://github.com/ArthurHeymans/emacs-tramp-rpc
1•todsacerdoti•1h ago•0 comments

Protocol Validation with Affine MPST in Rust

https://hibanaworks.dev
1•o8vm•1h ago•1 comments

Female Asian Elephant Calf Born at the Smithsonian National Zoo

https://www.si.edu/newsdesk/releases/female-asian-elephant-calf-born-smithsonians-national-zoo-an...
5•gmays•2h ago•1 comments

Show HN: Zest – A hands-on simulator for Staff+ system design scenarios

https://staff-engineering-simulator-880284904082.us-west1.run.app/
1•chanip0114•2h ago•1 comments
Open in hackernews

Rooted Android phones vulnerable due to Android kernel patching flaws

https://zimperium.com/blog/the-rooting-of-all-evil-security-holes-that-could-compromise-your-mobile-device
18•witnessme•5mo ago

Comments

WarOnPrivacy•5mo ago
The author goes into the weeds on the vulnerabilities that can be left following some rooting methods. All to the good.

Meanwhile, it's non-rooted phones that get endlessly compromised

    by state sponsored cellbright attacks (LEO),
    by blackhatted Israeli exploitive malware platforms
    and from an endless array of general crapware, much 
     of it from handset manufacturers, wireless carriers and 
     their bloatware affiliates.
All that said, the article really does go into detail. I know enough to follow along but probably not enough to spot issues (if there are any).
ThePowerOfFuet•5mo ago
>Meanwhile, it's non-rooted phones that get endlessly compromised

With the notable exclusion of GrapheneOS. (It's also Cellebrite-proof going on three years now.)

diogenes_atx•5mo ago
What are the security vulnerabilities of GrapheneOS?
hulitu•5mo ago
> With the notable exclusion of GrapheneOS. (It's also Cellebrite-proof going on three years now.)

Does Whatsup run on GrapheneOS ? Asking for a friend /s

preisschild•5mo ago
You are mistaking "rooting" with using a different Android distribution.

You can install GrapheneOS/Lineageos without root. And you can install a su binary on the stock OS, not improving privacy at all.

spaqin•5mo ago
Would be much easier to work against such vulnerabilities if rooting was officially sanctioned and actual resources could be put towards making it a viable and secure option, rather than taking away the power from the user for the device they purchased.
preisschild•5mo ago
Giving apps root permissions exposes a huge hole in the Android security system (normal permissions) though. This is inherently more insecure than not having root at all.

> rather than taking away the power from the user for the device they purchased

I disagree with that. Not having root doesn't mean it's inherently anti-user. I use GrapheneOS without root and am still in total control of my device.

donkeybeer•5mo ago
I am not understanding what you are trying to say. Nobody runs daily apps as root on desktop linux either. Root here means ability to not necessarily actually doing something as the root user.

I don't know anything about Android permission system is built atop linux, what does it mean when you say giving an app 'root permissions'?

mckenzba•5mo ago
What does giving apps root permissions have anything to do with rooting a device? Rooting in this context means unlocking the bootloader to allow for a custom OS/kernel that isn't signed by the OEM. You can have a rooted device while still running an OS that restricts apps (that behave) from having root account access.

I'd rather have the ability to enroll my own keys so I can boot my own signed OS and maintain a root of trust that I own much like what can be done on desktop Linux with a TPM. IIRC Google's Pixel phones have this ability (and are one of the few phones that have this ability if I'm not mistaken).

preisschild•5mo ago
> Rooting in this context means unlocking the bootloader to allow for a custom OS/kernel that isn't signed by the OEM

That would not be the correct usage of the term "rooting". "Rooting" on Android systems generally means to install a `su` binary (like Magisk) that you can use to give apps root permissions, thus completely circumventing the normal android app permission system.

> I'd rather have the ability to enroll my own keys so I can boot my own signed OS and maintain a root of trust that I own much like what can be done on desktop Linux with a TPM. IIRC Google's Pixel phones have this ability (and are one of the few phones that have this ability if I'm not mistaken).

I agree completely. I have a Google Pixel and use this with GrapheneOS.

This feature is `called avb_custom_key`, and yeah, unfortunately only some devices support it.

https://github.com/chenxiaolong/avbroot/issues/299

witnessme•5mo ago
This latest test is related to rooting framework KernelSU. Sinilar vulnerabilities were found earlier in other rooting frameworks such as APatch , SKRoot, etc. The vulnerability results in gaining root access and escalated privileges.