frontpage.

Has anyone had any experience of these tools, billed as "protecting" the user from e.g. phishing, but actually installing a root certificate and doing local TLS interception? This happens even when Nord's VPN part is completely disabled! In our case, we found that it doesn't seem to handle HTTP/2 Trailers properly on both Windows and macOS, and would just leave the browser hanging waiting for the response back from one of our endpoints (which returned a trailer for measuring timings).

Nord support have been just as useless as you would expect (we have shared a PCAP & TLS session keys etc), but I wanted to ask if anyone else had had experiences with TLS interception like this, supposedly there to enhance security, breaking functionality in this way? It'd be very useful if there was a place to report issues like this publicly, a la Mozilla's webcompat efforts.

It seems pretty scary from a privacy perspective as well, to effectively give your VPN provider the "keys to the kingdom" and enable them to decrypt all of your traffic. I would be very interested to see a teardown of this.

What is it like to be a human being?

Show HN: Faster more accurate multimodal vector search

Show HN: Corvo – Free portfolio analytics with MonteCarlo simulation and AI chat

Open-source AI models for 3D generation

The state of high-speed rail in the U.S. [video]

MirrorCode: Evidence that AI can do some weeks-long coding tasks

Trump's Changes Lock Some Employers Out of H-1B Visa Program

Next Project

I built ClawIDE: A web-based IDE for managing multiple Claude Code sessions

TypeScript stack: modern dev tools and platforms for startups

What to Know About OpenAI's Ideas for a World with 'Superintelligence'

To Fill Air Traffic Controller Shortage, FAA Turns to Gamers

Abandoning Apple and Learning to Love Linux

Agents fail because software stopped being readable

Show HN: LuxShot – Open-source, native macOS OCR utility

Show HN: Formally Verified Leaderless Log Protocol for Kafka

I used Codex to upgrade my 2013 Nexus 7 to Android 11

ChatGPT's bug with scanned PDFs

Why I'm Building a Database Engine in C#

Wikimind: A CLI that compiles raw documents into an interlinked wiki using LLMs

"Memflation": Cheaper RAM not expected until 2028, says Gartner

Neural Computers

RFC 9019 – A Firmware Update Architecture for Internet of Things (2021)

Bluesky April 2026 Outage Post-Mortem

Compute iOS XNU offset from kernel cache

WireGuard makes new Windows release following Microsoft signing resolution

Mybets.gg – AI-powered sports bet tracker with browser extension and analytics

Show HN: I built a $3/yr AI workflow to stop doomscrolling Twitter for tech news

PHP 8.5.5 Release Announcement

Show HN: NotebookLM alternative for working from local files with any model

Ask HN: NordVPN "Threat Protection Pro": intercepting and breaking our web-app?