frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

UnAutomating the Economy: More Labor but at What Cost?

https://www.greshm.org/blog/unautomating-the-economy/
1•Suncho•5m ago•1 comments

Show HN: Gettorr – Stream magnet links in the browser via WebRTC (no install)

https://gettorr.com/
1•BenaouidateMed•6m ago•0 comments

Statin drugs safer than previously thought

https://www.semafor.com/article/02/06/2026/statin-drugs-safer-than-previously-thought
1•stareatgoats•7m ago•0 comments

Handy when you just want to distract yourself for a moment

https://d6.h5go.life/
1•TrendSpotterPro•9m ago•0 comments

More States Are Taking Aim at a Controversial Early Reading Method

https://www.edweek.org/teaching-learning/more-states-are-taking-aim-at-a-controversial-early-read...
1•lelanthran•10m ago•0 comments

AI will not save developer productivity

https://www.infoworld.com/article/4125409/ai-will-not-save-developer-productivity.html
1•indentit•16m ago•0 comments

How I do and don't use agents

https://twitter.com/jessfraz/status/2019975917863661760
1•tosh•22m ago•0 comments

BTDUex Safe? The Back End Withdrawal Anomalies

1•aoijfoqfw•24m ago•0 comments

Show HN: Compile-Time Vibe Coding

https://github.com/Michael-JB/vibecode
5•michaelchicory•27m ago•1 comments

Show HN: Ensemble – macOS App to Manage Claude Code Skills, MCPs, and Claude.md

https://github.com/O0000-code/Ensemble
1•IO0oI•30m ago•1 comments

PR to support XMPP channels in OpenClaw

https://github.com/openclaw/openclaw/pull/9741
1•mickael•31m ago•0 comments

Twenty: A Modern Alternative to Salesforce

https://github.com/twentyhq/twenty
1•tosh•32m ago•0 comments

Raspberry Pi: More memory-driven price rises

https://www.raspberrypi.com/news/more-memory-driven-price-rises/
1•calcifer•38m ago•0 comments

Level Up Your Gaming

https://d4.h5go.life/
1•LinkLens•42m ago•1 comments

Di.day is a movement to encourage people to ditch Big Tech

https://itsfoss.com/news/di-day-celebration/
3•MilnerRoute•43m ago•0 comments

Show HN: AI generated personal affirmations playing when your phone is locked

https://MyAffirmations.Guru
4•alaserm•44m ago•3 comments

Show HN: GTM MCP Server- Let AI Manage Your Google Tag Manager Containers

https://github.com/paolobietolini/gtm-mcp-server
1•paolobietolini•45m ago•0 comments

Launch of X (Twitter) API Pay-per-Use Pricing

https://devcommunity.x.com/t/announcing-the-launch-of-x-api-pay-per-use-pricing/256476
1•thinkingemote•45m ago•0 comments

Facebook seemingly randomly bans tons of users

https://old.reddit.com/r/facebookdisabledme/
1•dirteater_•47m ago•1 comments

Global Bird Count Event

https://www.birdcount.org/
1•downboots•47m ago•0 comments

What Is Ruliology?

https://writings.stephenwolfram.com/2026/01/what-is-ruliology/
2•soheilpro•49m ago•0 comments

Jon Stewart – One of My Favorite People – What Now? with Trevor Noah Podcast [video]

https://www.youtube.com/watch?v=44uC12g9ZVk
2•consumer451•51m ago•0 comments

P2P crypto exchange development company

1•sonniya•1h ago•0 comments

Vocal Guide – belt sing without killing yourself

https://jesperordrup.github.io/vocal-guide/
2•jesperordrup•1h ago•0 comments

Write for Your Readers Even If They Are Agents

https://commonsware.com/blog/2026/02/06/write-for-your-readers-even-if-they-are-agents.html
1•ingve•1h ago•0 comments

Knowledge-Creating LLMs

https://tecunningham.github.io/posts/2026-01-29-knowledge-creating-llms.html
1•salkahfi•1h ago•0 comments

Maple Mono: Smooth your coding flow

https://font.subf.dev/en/
1•signa11•1h ago•0 comments

Sid Meier's System for Real-Time Music Composition and Synthesis

https://patents.google.com/patent/US5496962A/en
1•GaryBluto•1h ago•1 comments

Show HN: Slop News – HN front page now, but it's all slop

https://dosaygo-studio.github.io/hn-front-page-2035/slop-news
7•keepamovin•1h ago•1 comments

Show HN: Empusa – Visual debugger to catch and resume AI agent retry loops

https://github.com/justin55afdfdsf5ds45f4ds5f45ds4/EmpusaAI
1•justinlord•1h ago•0 comments
Open in hackernews

UEFI shell vulnerabilities allow attackers to bypass Secure Boot

https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/
56•jovial_cavalier•3mo ago

Comments

bigell•3mo ago
The article's title unfortunately makes it sound like this is a problem unique to Framework laptops.

However, they do mention in the article that "this situation is not unique to Framework"

I really admire what Framework has been trying to build. Glad that they were able to fix this issue promptly!

pcdoodle•3mo ago
I really love their hardware (13" 11th gen is my rig), imagine if they made a phone!
dang•3mo ago
Thanks - we've changed the title to the subtitle above
Pet_Ant•3mo ago
If stuff like the Raptor Talos can exist, surely the community can come together to support a company building an x86-64 motherboard that is completely binary-blob free...
estimator7292•3mo ago
There is a very, very good reason we don't have homebrew x86 boards. They're incredibly difficult and expensive to design, produce, and verify. Modern hardware has crazy high clock rates and even tighter timing tolerances. Beyond that, you have to convince whichever OEM to sell you the chipset in small quantities. And then you have to write miles of drivers and firmware and a BIOS.

And then you need to acquire and test every combination of CPU and RAM that any customer might conceivably use, then patch your miles of firmware to support each chip.

Oh and also you have to ensure your firmware can never, ever fail in such a way that cuts off fans or cranks up CPU voltage.

It's an incredibly involved process, which is why only big companies have the resources to pull it off. It's not impossible for a community board to be made, but it's something that would take years of work and a lot of money.

Pet_Ant•3mo ago
But don't most of the design issues apply to Talos as well?

And if it's security focussed, I think it's acceptable to say "It's AM4 (not 5), and only works with this RAM brand with these times and costs 5 times as much". It's a niche, and when people are into a niche they take the tradeoffs they get.

amluto•3mo ago
The UEFI shells are generally built from open source upstream code. IMO the real issue is that there is something quite wrong with a security model that thinks it’s a problem that someone can run a UEFI shell and modify memory but does not consider it a problem that one can boot their favorite Windows or Linux kernel and act as LocalSystem or root.
sidewndr46•3mo ago
there are a bunch of presentations from Bryan Cantrill of Oxide computing explaining why this is difficult to do.
__alexander•3mo ago
> UEFI-level anti-cheat bypasses

Anyone have a hash? I would love to reverse engineer one of these.

Sophira•3mo ago
Secure Boot is not something that should be part of a consumer computer at all, in my opinion. Enterprises might have some use for it, but for a consumer who wants to be able to do anything they want with their computer, it doesn't make sense.
gsora•3mo ago
Secure boot-enabled devices allow you to do anything you want, even enrolling your own keys. What's stopping you from doing that?
sidewndr46•3mo ago
There is no technical requirement for Secure boot to allow enrolling your own keys. Also, have you ever actually tried to enroll your own keys? The process for each and every board is basically unique
saghm•3mo ago
Theoretically nothing, but there's even less stopping me from turning it off instead
integralid•3mo ago
I am a consumer who is concerned about evil maid attacks and consider secure boot a good solution for this problem. I don't understand why this "doesn't make sense".

Secure boot never stopped me from doing anything I wanted with my hardware.

hulitu•3mo ago
> I am a consumer who is concerned about evil maid attacks and consider secure boot a good solution for this problem. I don't understand why this "doesn't make sense".

Physical access ? Like putting an oscilloscope on your cpu bus ?

ploxiln•3mo ago
> I am a consumer who is concerned about evil maid attacks

This is seriously the least likely way for you to be hacked. Much more likely is that an auto-update is downloaded and run from a hacked server, or you sometimes use pip/npm/etc to install dependencies for some software project and get malware that way, or you get tricked into opening a zipped document in an email that ends up having executable code because industry-standard doc viewers and OSes try to be too smart ...

> Secure boot never stopped me from doing anything I wanted with my hardware.

But, you may have done a lot of things that it should have stopped you from doing. For 5 to 10 years a bunch of utilites for monitoring temperatures and fan speeds and controlling RGB lighting etc have used the signed "winring0" driver to be able to poke arbitrary hardware registers of various chips over various low-level busses (i2c etc), just a couple months ago this "winring0" driver was blacklisted, identified as malware, and quarantined by Windows Defender. There's other solutions that these tools have shifted to, like "PawnIO" and custom signed drivers.

On the topic of Framework, you can use "ectool" to control fan behavior and charging behavior etc of the environmental controller chip, but for many years you had to disable secure-boot for this thing to be able to poke that chip. About a year ago I recall a forum conversation where someone was intent on porting this tool to use winring0 on windows so that they did not have to "endanger" their system by disabling secure-boot. I really didn't think there was any point, because if winring0 lets you bypass protections that secure-boot relies on, it's just a big charade.

Many signed third-party windows drivers have been found vulnerable to enabling arbitrary memory poking somehow, which theoretically lets you bypass any protections that secure-boot intends to provide. They eventually get updated and old versions blacklisted, but there's always a bunch and there's always more. And remember Logo-Fail? Letting people update the boot logo, without re-signing with their own key loaded into their system?

And if we look at the other discoveries by Eclypsium, the theme here is debug and repair tools. Do you want debug and repair tools to be allowed without disabling secure-boot?

It turns out that lots of people, maybe most people, expect to be able to do things with their laptop, which secure-boot really shouldn't allow. For practical reasons we tend to just go ahead and get that signed with some Microsoft key and allow it. There's a real theater to thinking secure-boot is super important and you're super-secure, while expecting and depending on functionality which really means that secure-boot has been compromised in 100 different ways. I just turn it off, it just makes things more complicated.

UltraSane•3mo ago
Secure boot greatly increases computer security for everyone.
hulitu•3mo ago
> Secure boot greatly increases computer security for everyone.

Citation needed. /s

You do realize that Secure boot is mostly pushed by Microsoft, which has a terrible security.

UltraSane•3mo ago
ALL of the major hyperscalers use a version of secure boot. It would be insane not to.