frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Amalia – an open-source language model targeting European Portuguese

https://huggingface.co/amalia-llm
1•mt_•1m ago•0 comments

The Founding Father Who Sought a Last-Minute Deal to Avert the Revolution

https://www.nytimes.com/2026/06/30/us/250-american-revolution-john-dickinson.html
1•bookofjoe•1m ago•1 comments

Ask HN: Will AI LLMs for coding get smarter and cheaper in the future?

1•roschdal•2m ago•0 comments

What's the Point of Sex, Anyway?

https://www.newyorker.com/magazine/2026/06/29/on-the-origin-of-sex-book-review-lixing-sun
1•mitchbob•2m ago•1 comments

Valve Explains Why It Doesn't Subsidize Its Hardware Platforms

https://daringfireball.net/linked/2026/07/01/valve-on-subsidizing-hardware
1•Tomte•2m ago•0 comments

A new clock measures the chance of satellite collisions

https://theconversation.com/a-new-crash-clock-measures-the-chance-of-satellite-collisions-and-its...
1•mathgenius•3m ago•0 comments

Show HN: In-place OCR+Translate for Internet Archive books

https://chromewebstore.google.com/detail/bookxlate-archiveorg-book/mfefkdeojibnbabedjonpgmbgbfplbhe
1•viking2917•3m ago•0 comments

OpenFoundry 2.0

https://m.open-foundry.com/w/UOdYBuUAEN4pxsHpN4b5ng/RZpKCWI21Q0Nf2HXPYFqhw/dVopakEBt0HsOjcigQ8b2w
2•starkparker•4m ago•0 comments

Show HN: a Rust OS kernel built for LLM inference

https://github.com/Kanchisaw03/axiom
2•Kanchisaw•4m ago•0 comments

Appearently MV2/uBO extentions still works on Chrome 150

https://old.reddit.com/r/uBlockOrigin/comments/1ukq0hf/ubo_can_work_on_chrome_150_if_you_already_...
1•elfatnorthpole•6m ago•0 comments

Droid Shield 2.0: learned secret detection

https://factory.ai/news/droid-shield-2-0
2•kstrauser•6m ago•1 comments

Norman Rockwell Paintings of the West Wing in the White House on Public View

https://www.smithsonianmag.com/smart-news/norman-rockwell-captured-the-hustle-of-the-west-wing-in...
1•thunderbong•8m ago•0 comments

Indian Address Parser – Qwen3-0.6B LoRA

https://huggingface.co/gagan1985/qwen3-0.6b-indian-address-parser
1•gagan2020•8m ago•1 comments

The Hidden Harms of CPR (2023)

https://www.newyorker.com/news/the-weekend-essay/the-hidden-harms-of-cpr
1•mitchbob•9m ago•1 comments

Show HN: Rewindr – Local shell inside failed GitHub Actions snapshots

https://github.com/dr-alberto/rewindr
3•__alberto•9m ago•0 comments

Consortium including Visa, Mastercard jointly launch new global stablecoin

https://www.reuters.com/business/consortium-including-visa-mastercard-jointly-launch-new-global-s...
2•FergusArgyll•10m ago•0 comments

Sanpo Yoshi: the Japanese business principle of success through responsibility

https://medium.com/social-innovation-japan/sanpo-yoshi-japans-responsible-business-philosophy-15d...
1•akyuu•11m ago•0 comments

Artful Cats: Feline-Inspired Art and Artifacts

https://www.si.edu/spotlight/art-cats
1•jruohonen•11m ago•0 comments

Boffins peg narcissistic leadership as the real driver behind 'return to office'

https://www.theregister.com/columnists/2026/07/01/boffins-peg-narcissistic-leadership-as-the-real...
1•CrankyBear•11m ago•0 comments

EU court says private jet manufacturing can be labelled green investment

https://www.reuters.com/business/environment/eu-court-says-private-jet-manufacturing-can-be-label...
1•sajithdilshan•12m ago•0 comments

Show HN: Pixelblock – block email open tracking images in Gmail

https://chromewebstore.google.com/detail/pixelblock/jmpmfcjnflbcoidlgapblgpgbilinlem
1•ramoq•12m ago•1 comments

I replaced Resend across 12 SaaS projects with my own email service

https://automation.commvergent.com/blog/mailwain-transactional-email-service
1•kandusm•13m ago•0 comments

Japan plans sovereign AI model and 10M robots

https://www.japantimes.co.jp/news/2026/07/01/japan/japan-ai-plans/
2•geox•15m ago•0 comments

A Forlorn Hope of Fortran Modernisation

https://amenzwa.github.io/stem/PL/FortranModernisation/
1•Elzair•15m ago•0 comments

Anthropic is hiring someone to protect democracy from its own AI

https://blog.mccoy.io/anthropic-research-engineer-rule-of-law
1•jgafni•15m ago•0 comments

The hard part of AI root cause analysis is no longer the model

https://coroot.com/blog/hard-part-of-ai-root-cause-analysis-is-no-longer-the-model/
1•nikolay_sivko•18m ago•0 comments

Tabsmith-lint – catch Chrome Web Store rejections before you submit

https://github.com/rsub122/tabsmith-lint
1•rsub122•18m ago•0 comments

Ask HN: Has anyone had success finding freelance gigs from HN

2•mr_o47•18m ago•0 comments

Show HN: Send physical letters to U.S. representatives, Civic Mail

https://pieterpost.com/en/send-letter-to-representative/
2•Neddes•19m ago•0 comments

Don't let AI fill in all the important blanks

https://www.0xsid.com/blog/dont-let-ai-fill-all-the-blanks
2•ssiddharth•19m ago•0 comments
Open in hackernews

We moved our Bluesky data to Eurosky

https://waag.org/en/article/why-we-moved-our-bluesky-data-eurosky/
147•dotcoma•1d ago

Comments

pelagicAustral•1d ago
I'm left wondering if maybe all the years I spend tinkering with Linux servers and self-hosted infrastructure are just about to pay off big time now that there is a massive move for governments and institutions to take control of their infrastructure... You still pretty much need a human to spin and maintain infrastructure, wire things securely, and monitor... Now I just need to wait until someone rebrands sysop into something cool sounding like Sovereign Re-orchestration Professional, or Reacquisition Specialist... Data Nationalisation Champion
dotcoma•1d ago
SDS, Sovereign Data Specialist ;)
lostlogin•23h ago
> Sovereign Data Specialist

It immediately makes me think of sovereign citizens and I get twitchy.

giancarlostoro•22h ago
MY DATA IS NOT OPERATING IN COMMERCE!
toomuchtodo•1d ago
Cloud repatriation engineer, infra sovereignty strategist. Are sysadmins back? Too early to tell imho.

https://xkcd.com/705/

dotcoma•1d ago
You win. Cloud repatriation engineer.
toomuchtodo•5h ago
Delightful! Maybe I'll make some tshirts to hand out at defcon.
caycep•1d ago
Better job titles than any AI CEO could come up with!
busterarm•1d ago
I do this at significant scale and you need a high tolerance for a lot of different negatives to last doing it for governments (and adjacent).

The only exception to this rule I would say is AWS GovCloud, which also might be one of the only chill teams to work at across Amazon. It turns out having "only one way to do it", a system proved through a rigorous vetting process and a thoroughly worked-through contracting process leads to a pretty fantastic work environment for practitioners.

Trying to reimplement that piecemeal is for tougher men than me though. I think I'd rather sit on hot nails.

sph•1d ago
Joking aside, there is a lot of contract work to help EU quasi-governative entities to move off US clouds. I have been on contract for the last 18 months to recreate some functionality of AWS on top of OVH for a client adjacent to the European Space Agency.

The catch is that being government contract you, the guy doing the actual work, are beneath three or four layers of companies and bureaucracy and you get over engineered yet somehow too vague specs and projects that take 6 months just to get approved. But hey, the pay is good, and it’s for one of the better causes.

My other EU client, a much smaller non-tech company for whom I host their servers, has recently wanted to know if we depend on any US services, to reduce their exposure.

I believe you can get decent work just by advertising yourself as an expert in migrating code and data out of the US.

That said, the job and economy situation is a big question mark and appetite to invest has lessened dramatically so YMMV

Imustaskforhelp•1d ago
> That said, the job and economy situation is a big question mark and appetite to invest has lessened dramatically so YMMV

Could you elaborate perhaps a bit more on this on actually why the appetite for investment has lessened? I'd be curious to know more, thanks!

sph•1d ago
I am no economist nor work in sales so my opinion is worthless, but it’s both waiting to see where this AI nonsense leads us, the stock market being an absolute shitshow solely propped up by this AI nonsense while the rest of Europe is in a phase of stagflation, the geopolitical situation at home and with our crazy partner, plus companies readjusting after the end of ZIRP.

Fair to say investments and new projects are a bit harder to come by.

alex1138•1d ago
Tim Berners Lee has Solid
IndySun•1d ago
I like his vision. Can you recommend a pod? The UK based Solid Community ones (and others, apparently) are 'experimental'.

"To use this system, you must understand that we cannot make any guarantees regarding the security and privacy of data that you may store in a solidcommunity.net Solid pod, or concerning the system's functionality and availability."

thisismissem•1d ago
I used to work for timbl's company Inrupt on Solid on the SDK team. Inrupt no longer appears to be doing solid (or at least it's very well hidden if it still exists).

AT Protocol achieved what Solid envisioned without the inane complexities of rdf and json-ld, which were the biggest learning blockers to people actually adopting Solid.

toomuchtodo•23h ago
Comparison Between ATProto and Tim Berners-Lee's Solid Protocol - https://news.ycombinator.com/item?id=48724526 - June 2026 (0 comments currently)

Related:

ATProto Permissioned Data Proposal Draft - https://news.ycombinator.com/item?id=48651727 - June 2026 (4 comments)

thrill•23h ago
Why not - eventually it will be The Year Of The Linux Desktop.
rsolva•22h ago
I got hired by a local company exactly for my experience with running linux servers at home and in a semi-professional capacity. They had hired someone with perfect credentials from university with several masters degrees, but they had to let him go after half a year because he did not fit in to their linux environment that has been operating since the 90s. I had no formal education, but many years with tinkering, self-hosting and operating linux machines for a small number of customers, and they could not hire me fast enough. They told me that it is really hard to come by people with this mix of experiences, everything is in the clouds these days.
goody71•1d ago
So the "news" here is they're hosting their own PDS? I think that was the main point of Atmosphere and Bluesky was just a popular gateway to get people into it.

Unless I'm missing something else...

skybrian•1d ago
That's the plan, but to get to actual decentralization, one of the steps is for more people to actually move their PDS's somewhere other than Bluesky.

(They are not self-hosting; Eurosky is doing it.)

dotcoma•1d ago
But... if Waag are not self-hosting, and they're not, how likely is it that normal people will start doing so in relatively large numbers?
skybrian•1d ago
I don't think that's the goal? If we got to the point where no service hosts the majority of accounts, that would be a pretty good milestone.
dotcoma•23h ago
That would indeed be a huge improvement over the current situation, with 98.5% of repos hosted directly by bsky (!)

https://atproto.barn.city/

steveklabnik•1d ago
An important part of how this works is that you don't have to make that choice right away.

I've been meaning to move to my own PDS for a few months now. Still haven't. Whenever I decide to get around to it, it'll be fine.

jrm4•1d ago
And what does this do safety/privacy-wise?

Nothing, except make it more available.

This is why I often argue against (or at least want to point out the dangers of) the ATProto/Bluesky model.

It's an absolute boon for people who want heavy surveillance, government or otherwise.

The looseness and "unreliability" of protocols like Mastodon ironically make them safer.

skybrian•1d ago
Yes, AT proto is about making data available to the public via replication. There's no privacy at all, but it's useful for some things. Hacker News comments don't have any privacy either.

There's another protocol in the works that should be useful for syncing private data:

https://github.com/bluesky-social/proposals/pull/94

palata•1d ago
I am genuinely confused. Isn't the point of public social media to be... public? Or do you use BlueSky to talk to your friends, instead of Signal?
ballon_monkey•22h ago
It is but they don't like being on a platform where people can disagree with them. They like their echo chamber.
jacobgold•1d ago
This is great. The entire idea of AT is that users can move their data for any reason. We want more of this.

But I do think it's always worth pushing back a bit on this idea:

> "The way Bluesky is funded is at odds with the idea of decentralisation because the platform relies on venture capital and operates under a shareholder model."

Large decentralized infrastructure like the internet, DNS, email, and the web was largely built by VC-backed companies.

The most important open source project, Linux, is funded by major tech companies through the Linux Foundation, with $311 million last year.

Corporate incentives do create conflicts, so it makes sense to be paranoid and skeptical. But the idea that companies can't contribute to open and decentralized systems is exactly the wrong lesson to learn.

We want more VC-backed startups working on open social networks and protocols. It would be great if many of them were in Europe.

dotcoma•1d ago
> the internet, DNS, email, and the web were largely built by VC-backed companies

Really ?

jacobgold•1d ago
There were famously government and university programs that played important early roles too. But it was largely people working for companies that actually built these systems.

What organizations do you think created the switches, routers, servers, software, fiber optic backbones? Who created the new protocols?

It was companies like AT&T/Bell Labs, Cisco, 3Com, Sun, UUNET, Netscape, AOL, the major telecoms, and a thousand other companies we don't remember.

Something like 1% inspiration from academia and government, and 99% perspiration by people working inside companies.

Munksgaard•1d ago
How many of those organizations you named were VC-backed?
nottorp•1d ago
But ... they have a "Follow us on BlueSky" link that goes to bsky.app not esky.something?
steveklabnik•1d ago
Follows work independent of which app you're using, so it works either way. Not an issue.

(Think of it this way: "I am following <username>" is a record stored in my own database, so it doesn't matter which app I click the button on that writes that record.)

quasigod•1d ago
On atproto your PDS and the appview you use are not linked. Your data is stored on your PDS and available to any app that handled Bluesky records.
nottorp•23h ago
Ah, thanks for the explanation.
VCFundedGenYer•20h ago
I don't understand - why not just make a Mastodon server and join the fediverse? Bluesky is a dead end.
kevinak•1d ago
You won’t have decentralisation on Atproto because the protocol itself incentivises centralisation.
tancop•1d ago
the only true centralized part is the did:plc registry and thats designed to be fully auditable. all canonical data is stored on your pds so if you self host that you get full control.

decentralization is not about the number of app instances but how easy it is to switch from one to another. on that metric bluesky is already better than fediverse.

kevinak•1d ago
That’s a very narrow definition of decentralisation. In any case - both atproto and fediverse are massively centralised compared to something like Nostr, and it’s not even close.

The fact that the PDS in practice owns your identity in the vast vast majority of cases is such a dumb trade off that it’s honestly laughable. Should Bluesky decide to splinter off of the network there would be like 50000 people left.

Stop telling people that it’s decentralised in any meaningful way and be honest about it instead. That’s the issue. The dishonesty and tricking users.

AlienRobot•1d ago
There are two kinds of people.

1. People who have no idea what decentralized is.

2. People who would try to figure exactly how decentralized something is.

If you are the latter, you would instantly question the data model of Bluesky and of Mastodon as well. If you are the former then that just sounds like a buzzword.

steveklabnik•1d ago
> The fact that the PDS in practice owns your identity

This is incorrect.

1. a PDS stores data, it does not own the identity.

2. Your identity is controlled by a DID, of which most users use DID:PLC.

3. This means the PLC directory controls who owns the identity.

4. Users can upload their own keys into the directory to ensure they have control.

5. At this point, the threat vector is "PLC directory lies", which is why there are transparency logs and independent mirrors.

kevinak•22h ago
Nope. When I’m talking about identity I’m speaking strictly of the keys that sign your messages and the pub key derived from it. In every other cryptographic system that is your identity. It is absolutely correct that the PDS has complete control over your keys when it comes to 99.99% of users. I challenge you to prove the opposite.
steveklabnik•22h ago
> When I’m talking about identity I’m speaking strictly of the keys that sign your messages and the pub key derived from it.

Me too.

> I challenge you to prove the opposite.

https://web.plc.directory/spec/v0.1/did-plc

kevinak•21h ago
Where are your rotation and signing keys stored? Who can access them? Talking here about the majority case.
steveklabnik•20h ago
> Where are your rotation and signing keys stored? Who can acccess them?

This uses public key cryptography, so there's multiple answers here. Let's start at the beginning:

atproto uses DIDs as its identity standard: http://w3.org/TR/did-1.0/

Here is my DID, we'll use this as an example: did:plc:3danwc67lo7obz2fmdg6jxcr

There are three parts, separated by colons: The scheme (did), the method (plc), and the DID method-specific identifier (3danwc67lo7obz2fmdg6jxcr).

To use a DID, such as did:plc:3danwc67lo7obz2fmdg6jxcr, you resolve it into a DID Document https://www.w3.org/TR/did-1.0/#dfn-did-documents

> A set of data describing the DID subject, including mechanisms, such as cryptographic public keys, that the DID subject or a DID delegate can use to authenticate itself and prove its association with the DID.

That document contains various properties that describe the identity: https://www.w3.org/TR/did-1.0/#core-properties

One of those properties is the "verification method", which tells you what to do to verify the identity. So you just do whatever is in that, and that gives you the identity. In other words, the broadest part of the spec is very pluggable, it does not describe the answer to your question in all cases.

So let's get more specific: One kind of DID, and the one that's used by virtually all of atproto users, is DID:PLC. As you can see from my DID above, I'm using the PLC method for my DID.

Its specification is what I linked you to above, https://web.plc.directory/spec/v0.1/did-plc.

You can see my specific entry here, for example: https://plc.directory/did:plc:3danwc67lo7obz2fmdg6jxcr

(Note that, before we get into any other part of it, this document points at my PDS, https://morel.us-east.host.bsky.network . So already, without going further, this is why your original comment is wrong: my identity points at my PDS, my PDS does not point at my identity.)

This specifies what goes into the "verification method" of a DID document that uses this method. In this case, if you look at mine, you'll see that it points (eventually) to https://www.w3.org/TR/cid-1.0/, which is what the Multikey stuff is about. From that spec:

> Controlled identifier documents identify a subject and provide verification methods that express public cryptographic material, such as public keys, for verifying proofs created on behalf of the subject for specific purposes, such as authentication, attestation, key agreement (for encryption), and capability invocation and delegation. Controlled identifier documents also list service endpoints related to an identifier; for example, from which to request additional information for verification.

This is already getting deep in the weeds, but the point is that the publicKeyMultibase is the encoded form of the public key that controls my identity. So that's where that lives. What about its associated private key? Well, it can be anywhere! From an identity perspective, the location of the private key doesn't matter. Only that whoever has that key produces information under that identity, when signed.

So let's talk in practice: when you sign up for Bluesky, they store the private key for you. This way, for users that don't care about any of these details, they do not have to think about it at all. It's saved with the rest of your account data, you don't have to worry about backups or anything.

However, at any time, any user can register a rotation key with the PLC directory. To do this, you generate a new public and private key, and then store that private key wherever you'd like. All the usual caveats here apply. You can then use your existing private key to add this new public key to your account. Once you do that, it shows up in your DID document as a rotation key. You can use that rotation key to add more keys, remove the Bluesky owned keypair, whatever you want. Now it's not stored by Bluesky.

The majority of users have not done this, it's true. But they can. Whenever they'd like.

jacobgold•1d ago
Cisco, backed early by Sequoia.

3Com, raised $1.1M from three venture capitalists in 1981.

Sun, a Kleiner Perkins portfolio company.

UUNET, raised from Accel, Menlo, and NEA in 1993.

Netscape, backed by Kleiner Perkins.

AOL, backed by Kleiner Perkins.

JdeBP•1d ago
I am sure that DARPA, BBN, USC Information Sciences Institute, and many others will be overjoyed to learn that they've been erased from history by the new narrative that Venture Capitalists Built Everything. (-:
jacobgold•1d ago
BBN was a private company...
jorams•1d ago
A private company doing DARPA-funded research.
jacobgold•1d ago
Initially, yes, and then they became an important commercial internet service and backbone provider. They were quickly joined by a huge wave of other private companies, almost all VC-backed.
rafterydj•1d ago
Yeah that raised my eyebrow as well. "Popularized" maybe, but "largely built" I think is a mis-characterization.
jacobgold•1d ago
"Commercialized" is probably the word you want, and I'd agree with.

It turns out that commercialization is most of the work of creating a globally decentralized system. Which doesn't mean the non-commercial work wasn't critical.

khurs•1d ago
>Large decentralized infrastructure like the internet, DNS, email, and the web was largely built by VC-backed companies.

The poor need the rich to start a company as banks are prevented (by the rich) from lending to them.

The rich like VC as it's a tax write-off, they invest in VCs and get even more richer.

Most startups fail, the VC's investors get any leftovers and poor founder walks off empty.

>What about when things go wrong?

In general, if you lose money on an investment, you can offset that “capital loss” against a capital gain you have from something else.

https://www.venturesouth.vc/write-offs

fsckboy•1d ago
>The poor need the rich to start a company as banks are prevented (by the rich) from lending to them.

no. the banks hold the poor's money, and it needs to do so without risk because the poor need their money. lending money to start companies that are completly unsecured is too risky for banks, they lend money to buy houses which is secured debt.

khurs•1d ago
Banks lend against homes as the state guarantees the housing market is too big to fail and will bail them out.

Banks often lend at low LTV ratios because the prices are inflated so people on normal salaries can't actually afford to put down a large deposit, which means a slight drop puts them into negative equity but the banks are not concerned as they are protected.

If the state chose to underwrite startups in the same way...

toomuchtodo•22h ago
Internet Archive? Non profit. Let's Encrypt? Non profit. ICANN? Non profit. Linux Foundation? Non profit.

VC funding is fine in some contexts, but most of the stack should be non profit driven whenever possible to prevent the eventual enshittification and attempts at capture by profit driven actors. You can always donate to the relevant non profit (code, time, fiat), but by operating the public good as a non profit, you're creating a form of security boundary and reducing attack surface by economic threat actors. Worst case, the VC funded enterprise fails open and the only harm is employees who need to find new jobs and shareholders and investors who experience a capital loss.

We want to continue to own the commons and culture collectively when for profit companies building on public social infrastructure ("open social networks and protocols") close or a suboptimal change of ownership occurs.

jacobgold•22h ago
> Internet Archive? Non profit. Let's Encrypt? Non profit. ICANN? Non profit. Linux Foundation? Non profit.

Non-profits are great and we should have them too. If you look into how these non-profits are funded, it's largely corporate money.

toomuchtodo•21h ago
Indeed! And that's okay. The money pays the bills, but they do not have control over the non profit. Assuming good faith and no fraud, the money, once given to the non profit, cannot be clawed back by anyone in the future (investors, shareholders, creditors, future owners, etc). They remain "on mission" regardless of what happens to the for profit that provided funding in some capacity. Funding the non profit is a one way transfer of value across a security boundary of control.
kevinak•7h ago
That's a lot of information about something that does not really matter in practice. It's not until ew get to the very end of your comment that we get to the actually relevant part for the discussion.

> So let's talk in practice: when you sign up for Bluesky, they store the private key for you. This way, for users that don't care about any of these details, they do not have to think about it at all. It's saved with the rest of your account data, you don't have to worry about backups or anything.

> However, at any time, any user can register a rotation key with the PLC directory. To do this, you generate a new public and private key, and then store that private key wherever you'd like. All the usual caveats here apply. You can then use your existing private key to add this new public key to your account. Once you do that, it shows up in your DID document as a rotation key. You can use that rotation key to add more keys, remove the Bluesky owned keypair, whatever you want. Now it's not stored by Bluesky.

> The majority of users have not done this, it's true. But they can. Whenever they'd like.

The Bluesky PDS stores (and has access to!) your private keys. They are in full control of your identity. It just so happens that 99.99% of users are on the Bluesky PDSs AND 99.99% of users will choose the path of least resistance and in practice NEVER register an external rotation key. This is exactly the problem. It is massively centralized and a rug pull from Bluesky would effectively just kill off the network.

It's insane that this is just hand-waved away because "you can just self-host" or "you can just register an external rotation key". If you think users will actually do this I have a bridge to sell you.