frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Moltbook isn't real but it can still hurt you

https://12gramsofcarbon.com/p/tech-things-moltbook-isnt-real-but
1•theahura•1m ago•0 comments

Take Back the Em Dash–and Your Voice

https://spin.atomicobject.com/take-back-em-dash/
1•ingve•2m ago•0 comments

Show HN: 289x speedup over MLP using Spectral Graphs

https://zenodo.org/login/?next=%2Fme%2Fuploads%3Fq%3D%26f%3Dshared_with_me%25253Afalse%26l%3Dlist...
1•andrespi•3m ago•0 comments

Teaching Mathematics

https://www.karlin.mff.cuni.cz/~spurny/doc/articles/arnold.htm
1•samuel246•5m ago•0 comments

3D Printed Microfluidic Multiplexing [video]

https://www.youtube.com/watch?v=VZ2ZcOzLnGg
2•downboots•5m ago•0 comments

Abstractions Are in the Eye of the Beholder

https://software.rajivprab.com/2019/08/29/abstractions-are-in-the-eye-of-the-beholder/
2•whack•6m ago•0 comments

Show HN: Routed Attention – 75-99% savings by routing between O(N) and O(N²)

https://zenodo.org/records/18518956
1•MikeBee•6m ago•0 comments

We didn't ask for this internet – Ezra Klein show [video]

https://www.youtube.com/shorts/ve02F0gyfjY
1•softwaredoug•7m ago•0 comments

The Real AI Talent War Is for Plumbers and Electricians

https://www.wired.com/story/why-there-arent-enough-electricians-and-plumbers-to-build-ai-data-cen...
2•geox•9m ago•0 comments

Show HN: MimiClaw, OpenClaw(Clawdbot)on $5 Chips

https://github.com/memovai/mimiclaw
1•ssslvky1•10m ago•0 comments

I Maintain My Blog in the Age of Agents

https://www.jerpint.io/blog/2026-02-07-how-i-maintain-my-blog-in-the-age-of-agents/
2•jerpint•10m ago•0 comments

The Fall of the Nerds

https://www.noahpinion.blog/p/the-fall-of-the-nerds
1•otoolep•12m ago•0 comments

I'm 15 and built a free tool for reading Greek/Latin texts. Would love feedback

https://the-lexicon-project.netlify.app/
2•breadwithjam•15m ago•1 comments

How close is AI to taking my job?

https://epoch.ai/gradient-updates/how-close-is-ai-to-taking-my-job
1•cjbarber•15m ago•0 comments

You are the reason I am not reviewing this PR

https://github.com/NixOS/nixpkgs/pull/479442
2•midzer•17m ago•1 comments

Show HN: FamilyMemories.video – Turn static old photos into 5s AI videos

https://familymemories.video
1•tareq_•18m ago•0 comments

How Meta Made Linux a Planet-Scale Load Balancer

https://softwarefrontier.substack.com/p/how-meta-turned-the-linux-kernel
1•CortexFlow•18m ago•0 comments

A Turing Test for AI Coding

https://t-cadet.github.io/programming-wisdom/#2026-02-06-a-turing-test-for-ai-coding
2•phi-system•18m ago•0 comments

How to Identify and Eliminate Unused AWS Resources

https://medium.com/@vkelk/how-to-identify-and-eliminate-unused-aws-resources-b0e2040b4de8
3•vkelk•19m ago•0 comments

A2CDVI – HDMI output from from the Apple IIc's digital video output connector

https://github.com/MrTechGadget/A2C_DVI_SMD
2•mmoogle•20m ago•0 comments

CLI for Common Playwright Actions

https://github.com/microsoft/playwright-cli
3•saikatsg•21m ago•0 comments

Would you use an e-commerce platform that shares transaction fees with users?

https://moondala.one/
1•HamoodBahzar•22m ago•1 comments

Show HN: SafeClaw – a way to manage multiple Claude Code instances in containers

https://github.com/ykdojo/safeclaw
3•ykdojo•26m ago•0 comments

The Future of the Global Open-Source AI Ecosystem: From DeepSeek to AI+

https://huggingface.co/blog/huggingface/one-year-since-the-deepseek-moment-blog-3
3•gmays•26m ago•0 comments

The Evolution of the Interface

https://www.asktog.com/columns/038MacUITrends.html
2•dhruv3006•28m ago•1 comments

Azure: Virtual network routing appliance overview

https://learn.microsoft.com/en-us/azure/virtual-network/virtual-network-routing-appliance-overview
3•mariuz•28m ago•0 comments

Seedance2 – multi-shot AI video generation

https://www.genstory.app/story-template/seedance2-ai-story-generator
2•RyanMu•32m ago•1 comments

Πfs – The Data-Free Filesystem

https://github.com/philipl/pifs
2•ravenical•35m ago•0 comments

Go-busybox: A sandboxable port of busybox for AI agents

https://github.com/rcarmo/go-busybox
3•rcarmo•36m ago•0 comments

Quantization-Aware Distillation for NVFP4 Inference Accuracy Recovery [pdf]

https://research.nvidia.com/labs/nemotron/files/NVFP4-QAD-Report.pdf
2•gmays•36m ago•0 comments
Open in hackernews

X-Clacks-Overhead

https://hleb.dev/post/x-clacks-overhead/
125•hleb_dev•1mo ago

Comments

stevekemp•1mo ago
Looks like the site uses the deprecated "Report-To:" header in responses too, something I've never seen before and had to lookup.
hoppp•1mo ago
I am all for goofy headers. Its especially fun when randomly stumbling into it.
kotaKat•1mo ago
I was poking at the AT&T U-Verse outage reporting endpoint and caught "X-Employment".

Sadly no additional challenge other than "If you are reading this, please consider a technology job at AT&T www.att.jobs".

NewJazz•1mo ago
Eww why would they buy a .jobs domain what a joke.
atemerev•1mo ago
The most important HTTP header (though clacks is a packet routing system, not an application-level streaming protocol)
kijin•1mo ago
Well, there's no reason we couldn't have clacks-over-HTTP(-over-DNS)?(-over-avian-carrier)?, is there?
falcor84•1mo ago
Of course, the good old CLOACA protocol (CLacks Over Avian CArrier), with the HTTP and DNS tunneling being OPTIONAL.
wiml•1mo ago
True, perhaps it should be added as an IP option field or TCP option...
danaris•1mo ago
GNU Terry Pratchett

"A man never truly dies until the his name is no longer spoken."

xena•1mo ago
Whenever you load my blog, it randomly sends back a name from my configuration's clackset: https://github.com/Xe/site/blob/ff8627975e5f6718fff33051d11a.... I hate that the list is so long but over time it will only grow longer.
dylanh•1mo ago
Thank you for putting Matt trout there.
tapete1•1mo ago
Damn. I was not aware that Kevin Mitnick has passed away.
dejj•1mo ago
Does “saying the name lest he be forgotten” classify as Cargo Cult?
falcor84•1mo ago
Why would it? Cargo Cutlting is when you believe that doing something symbolic will have a tangible effect on the world (e.g. bring you cargo from the sky), but this is just intended to be symbolic.
dejj•1mo ago
I was curious, and you’re right. It would be Cargo Culting then, if we believed the ritual actually had an effect on Pratchett in the afterlife.
ninalanyon•1mo ago
Surely not. That's just most religions.

Cargo cults are quite specifically believing that the incantations have an effect in this world.

"The first documented cargo cults were religious movements that foretold followers would imminently receive an abundance of (often Western) food and goods (the "cargo") brought by their ancestors."

https://en.wikipedia.org/wiki/Cargo_cult

rcarmo•1mo ago
I had that header set back when I ran my blog on my own HTTP server. Probably should spend some Cloudflare worker cycles to put it back now that it’s purely static…
NewJazz•1mo ago
You don't need cloudflare workers for that. The blog post mentioned how to add it. And there are other options as well.
rcarmo•1mo ago
I have a fully static site. And the backing storage doesn’t let me set custom headers
NewJazz•1mo ago
Did you read the article? That method doesn't work for you?

What about this one? https://developers.cloudflare.com/rules/transform/request-he...

thrtythreeforty•1mo ago
There's a list of sites broadcasting X-Clacks-Overhead: https://xclacksoverhead.org/listing/the-signal
madeofpalk•1mo ago
FYI - no need to prefix your custom header with X- !

> Historically, designers and implementers of application protocols have often distinguished between standardized and unstandardized parameters by prefixing the names of unstandardized parameters with the string "X-" or similar constructs. In practice, that convention causes more problems than it solves. Therefore, this document deprecates the convention for newly defined parameters with textual (as opposed to numerical) names in application protocols.

https://datatracker.ietf.org/doc/html/rfc6648

nubg•1mo ago
What supposed problems does it cause in practice?
Bratmon•1mo ago
If a nonstandard X header becomes widely used and then adopted as the standard, there is a surprisingly lengthy and difficult transition period to the new name.

Both clients and servers have to support both the X name and the regular name for decades, and servers have to deal with questions like "What if both are present but different?"

lucideer•1mo ago
If both are present but different the unprefixed version should be favoured. That seems uncontroversial & not complex to implement.

Sending two headers seems fine in most cases.

These are certainly downsides but hardly dealbreakers. On the other side, not prefixing has its own pros & cons, which seem more difficult to work around:

1. The obvious clash issue. If two pieces of software implement entirely different X-Value: headers, the standardisation effort clarifies the signal in the form of an unprefixed version. If both competing software applications start out unprefixed, the signal will always be ambiguous.

2. Implementation changes. If any lessons are learnt during initial use of a prefixed header, these can be applied by standardising on a slightly improved unprefixed version.

garblegarble•1mo ago
> If both are present but different the unprefixed version should be favoured. That seems uncontroversial & not complex to implement.

oops, you just enabled smuggling where there's a mismatch between what a proxy/firewall/etc supports and what an internal service supports.

    X-Do-Evil: true
    Do-Evil: false
lucideer•1mo ago
Smuggling is a general concern whenever two headers have functionality that interact - it's not specific to prefix masking & given how implementation-based it is, it's not even likely to occur to any arbitrary prefix mask.

That's not a reason not to consider it a threat vector when implementing, but no more than when implementing any header (that interacts with another)

MrJohz•1mo ago
But isn't the problem with X- headers that if they ever get standardised, they necessarily create this smuggling issue? Whereas if you start with an unprefixed header and standardise it under the same name, you avoid this issue.

You could also solve the problem by standardising the header with the X- prefix, but this is more confusing to users and violates the idea that X- always means "not standardised", at which point the prefix is useless anyway.

Bratmon•1mo ago
> That's not a reason not to consider it a threat vector when implementing, but no more than when implementing any header (that interacts with another)

But the header wouldn't have interacted with another header if we hadn't decided to do this X-prefix nonsense!

lucideer•1mo ago
It might not have but it's a lot more likely that it would.
wowczarek•1mo ago
I have been guilty of adding a custom header to all of my emails: "Yo-Momma: Fat". For years. In a professional setting. Nobody noticed.
akoboldfrying•1mo ago
Discovering this at work one day would have brought a smile to my face!

Perhaps there's a whole new joke format here.

Long-Face-Reason: horse

maxmcd•1mo ago
Is this possibly an intentional reference to GNU Linux, or unrelated?
shadowgovt•1mo ago
Quite intentional.
kingsfoil•1mo ago
Within the book itself the clacks system has its own technical protocol which is briefly touched upon. The "overhead" is essentially packet or request metadata.

From the LSpace wiki, GNU is a metadata that means:

    G: Send the message onto the next Clacks Tower.
    N: Do not log the message.
    U: At the end of the line, return the message.
And yes, it is almost certainly a reference to GNU as in "GNU's Not Unix". =)

https://wiki.lspace.org/GNU_Terry_Pratchett

TRiG_Ireland•1mo ago
It's Terry Pratchett, so of course it's an intentional reference.
nindalf•1mo ago
I miss Terry Pratchett. Just a good guy, writing joyful books. None of that "gritty realism" here. There's only about 40 books by him, so I read 2 a year. By the time I get to 40, I figure I would have forgotten the first few and I can start again.

My blog has had this header since the day he died.

ninalanyon•1mo ago
The Night Watch seems pretty gritty to me. And Small Gods. And Vimes' escape from the werewolves in The Fifth Elephant.
nindalf•1mo ago
Night Watch is my favourite book of his, as it turns out. He is capable of exploring serious themes while still maintaining some whimsy. That's why I love him so much.
sandermvanvliet•1mo ago
stackoverflow.com and all stack exchange sites also include X-Clacks-Overhead in the response thanks to yours truly
regularfry•1mo ago
I think strictly speaking any node on the network which receives the header should forward it on. So if your browser ever sees it, it should use it for all HTTP requests from that point. And if a server ever receives it, it should pass it to all clients.
gclawes•1mo ago
There are Chrome and Firefox extensions to indicate the presence of the header.

https://chromewebstore.google.com/detail/clacks-overhead-gnu...

https://addons.mozilla.org/en-US/firefox/addon/x-clacks-over...

kingsfoil•1mo ago
A while back I wrote a tiny piece of Phoenix middleware to add the GNU message for an arbitrary name to phoenix applications:

https://github.com/alex0112/ex_clacks_overhead

I haven't touched it in years, so it's possible that it no longer works. But maybe this post is a kick in the pants for me to go test it again.

Thanks for keeping it in the overhead. GNU Terry Pratchett.

> "A man's not dead while his name is still spoken"

achillean•1mo ago
Honeypots are advertising that header as well nowadays:

https://www.shodan.io/search/report?query=x-clacks-overhead

Most of the non-honeypot results are for the Gargoyle Router Management interface exposed by Korea Telecom:

https://www.shodan.io/search/report?query=x-clacks-overhead+...

The results have increased significantly over time:

https://trends.shodan.io/search?query=x-clacks-overhead

satvikpendem•1mo ago
> But sometimes small, unnecessary things are exactly what make the internet better.

Or, worse? I don't think this is the point you're wanting to make but it's not always the case that it's better.