frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

CSRF Is Dead, Long Live Request Intent

https://erdem.work/csrf-is-dead-long-live-request-intent-the-anatomy-of-a-cryptographic-primitive
1•laphilosophia•1h ago

Comments

laphilosophia•1h ago
The "Synchronizer Token Pattern"—the standard approach to CSRF protection for the last decade—is becoming an architectural liability. In an era of serverless runtimes, edge computing, and distributed systems, relying on a stateful session store (like Redis) just to validate a form submission is an inefficiency we should no longer accept.

I am developing Sigil, not as another middleware framework, but as a stateless cryptographic primitive. It redefines CSRF protection from a "token check" into a mathematical verification of Request Intent.

This article details the engineering constraints, the cryptographic architecture, and the specific security pain points Sigil addresses without the bloat of traditional frameworks.

Show HN: ClawBox – Always-on AI assistant box (Jetson, 15W, 67 TOPS, €399)

https://openclawhardware.dev
1•superactro•56s ago•0 comments

Diffy – A GUI Git repository watcher with real-time diffs

https://github.com/sarfraznawaz2005/diffy
1•sarfraz_nawaz•1m ago•0 comments

We hid backdoors in binaries – Opus 4.6 found 49% of them

https://quesma.com/blog/introducing-binaryaudit/
1•stared•2m ago•1 comments

SoFTTSeek – a modern SoulSeek client made for friends, and friends of friends

https://www.softtseek.com/
1•XzetaU8•2m ago•0 comments

A2A payment system for AI agents – 9,416x cheaper than traditional escrow

https://github.com/marcus20232023/a2a-shib-payments
1•marcus2004•4m ago•1 comments

A Slow Tuesday Night

https://www.baen.com/Chapters/9781618249203/9781618249203___2.htm
1•janandonly•6m ago•0 comments

Minions: Stripe's one-shot, end-to-end coding agents

https://stripe.dev/blog/minions-stripes-one-shot-end-to-end-coding-agents
1•taubek•7m ago•0 comments

If you don't engineer backpressure, you'll get slopped

https://jw.hn/engineering-backpressure
1•jwpapi•8m ago•0 comments

Gemini writes, Claude polishes, JetBrains rests: an agent development pipeline

https://ginkida.dev/en/posts/gemini-writes-claude-polishes-jetbrains-rests-my-agent-1
1•ginkida•8m ago•1 comments

Hacking a $22 Wi-Fi toy drone to understand its firmware, protocols, and limits

https://journal.farhaan.me/hacking-chinese-toy-dronea17
1•voxadam•8m ago•0 comments

AI job interviewer flags candidate's 'habitual' use of Google Chrome

https://www.cbc.ca/news/world/ai-job-interview-evaluation-9.7074486
1•lametti•9m ago•0 comments

R2: Final Validation

https://stories.rivian.com/r2-final-validation-testing
1•whicks•9m ago•0 comments

Building a Zero-Dependency secp256k1 CUDA Engine from Scratch (2.5B ops/SEC)

https://github.com/shrec/UltrafastSecp256k1
1•shrecshrec•11m ago•1 comments

Webmentions with Batteries Included

https://blog.fabiomanganiello.com/article/webmentions-with-batteries-included
1•blacklight•12m ago•0 comments

Steven Weinberg Glimpses the Promised Land

https://www.thenewatlantis.com/publications/steven-weinberg-glimpses-the-promised-land
2•nsoonhui•13m ago•0 comments

Understanding How GIL Affects Checkpoint Performance During LLM Training

https://www.shayon.dev/post/2026/38/understanding-how-gil-affects-checkpoint-performance-in-pytor...
1•shayonj•13m ago•0 comments

Show HN: DeckOps – Anki ↔ Markdown with true bidirectional sync

https://github.com/visserle/DeckOps
1•visserle•13m ago•0 comments

Hylo: A systems programming language all in on value semantics and generic progr

https://hylo-lang.org/
1•fanf2•14m ago•0 comments

Show HN: Mimora, a 3D avatar for OpenClaw AI agents with voice and expressions

https://mimora.app/
2•astressence•15m ago•2 comments

Better Python tests with inline-snapshot and dirty-equals

https://pydantic.dev/articles/inline-snapshot
2•alexmojaki•16m ago•0 comments

NASA Still Has a Lot of Work to Do to Return to the Moon

https://spectrum.ieee.org/nasa-artemis-blue-origin-spacex
2•oldnetguy•18m ago•0 comments

How and When the Memory Chip Shortage Will End, Why Prices Will Stay High

https://spectrum.ieee.org/dram-shortage
2•oldnetguy•19m ago•0 comments

Data-driven modelling of autonomous and forced dynamical systems

https://arxiv.org/abs/2512.12432
1•mnky9800n•20m ago•0 comments

A nightly recap for a puzzling agentic eCommerce world

https://www.neuralab.net/woocommerce-zagreb-meetup-a-nightly-recap-in-a-puzzling-agentic-ecommerc...
1•taubek•25m ago•0 comments

Show HN: Temporary Markdown sharing with a built-in slide mode

https://tmplink.ponyo877.com
2•ponyo877•27m ago•0 comments

Show HN: Musical Interval Trainer

https://valtterimaja.github.io/musical-interval-trainer/
2•Gravityloss•28m ago•1 comments

Show HN: Gflow – Lightweight single-node GPU job scheduler in Rust

https://github.com/AndPuQing/gflow
1•PuQing•28m ago•0 comments

AgentStocks – Let your AI agent trade prediction markets with capital we provide

https://agentstocks.ai/
1•KGKalalsmaa•29m ago•1 comments

Show HN: ClawPool – Pool Claude tokens to make $$$ or crazy cheap Claude Code

https://clawpool.ai
2•pablojamjam•29m ago•1 comments

Show HN: Cyber+ – A DSL for scripting cybersecurity workflows

1•CzaxTanmay•30m ago•0 comments