frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Bluesky to require age verification identification in Texas

https://www.chron.com/culture/article/texas-bluesky-age-verification-22328414.php
1•miohtama•20s ago•0 comments

Building a Plugin System: Native Libraries vs. Scripting vs. WebAssembly

https://kerkour.com/rust-plugins
1•redcannon218•34s ago•0 comments

AI that helps you BE, not just DO

https://self.md/concepts/be-not-do
2•promen_svitla•1m ago•0 comments

Show HN: Wolli – agents that extend themselves around a job

https://wolli.dev/
1•saba-ch•1m ago•0 comments

AI Pioneer Jürgen Schmidhuber on the State of AI Today

https://www.youtube.com/watch?v=RKjR8DQ40po
1•pretext•3m ago•0 comments

I made an LLM think in latent space. The model never read a single thought

https://github.com/Oli-26/LatentReasoningNoDecode/blob/main/BLOG.md
1•oli266•6m ago•0 comments

It's So Hard to Hire Good Help These Days

https://zhenyi.gibber.blog/its-so-hard-to-hire-good-help-these-days
1•zhenyi•7m ago•0 comments

OpenAI is shutting down its AI browser Atlas

https://techcrunch.com/2026/07/09/openai-is-shutting-down-atlas-but-its-ai-browser-ambitions-are-...
1•theHocineSaad•9m ago•0 comments

Show HN: WaitToUnlock – Set a ScreenTime passcode you cannot remember

https://waittounlock.com/
4•shorekey•9m ago•0 comments

Show HN: Real-time n-body tree code in CUDA

https://github.com/lechebs/nbody
1•lechebs•9m ago•0 comments

Zero-copy TLS ingress with kTLS and splice(2) for sandboxes

https://www.tensorlake.ai/blog/near-zero-overhead-sandbox-networking
1•diptanu•10m ago•0 comments

Epos Daimon, the Magic School Where Teens Play Fascists

https://mssv.net/2026/05/22/epos-daimon-the-antifascist-magic-school-for-teens/
3•surprisetalk•11m ago•0 comments

Polestar owners left 'holding the bag' after EV brand pulls out of the US

https://www.theverge.com/transportation/963399/polestar-owners-ban-dealers-service-warranty-lease
3•Brajeshwar•11m ago•1 comments

The IDE Bottleneck

https://ymichael.com/2026/06/23/the-ide-bottleneck.html
2•ymichael•11m ago•0 comments

Most people suck at traveling: 9 principles to travel well

https://itsiweinstock.substack.com/p/most-people-suck-at-traveling-9-principles
1•surprisetalk•11m ago•0 comments

Self-Powered Trailers Promise Leaner Freight Runs

https://spectrum.ieee.org/self-powered-trailers-freight-decarbonization
1•rbanffy•12m ago•0 comments

PeopleCounter.app – Turn any phone or webcam into a people counter

https://peoplecounter.app/
1•ZynZap•12m ago•0 comments

CEO Calls Us 'Terrorists and Worse Than Antifa' Admits Surveillance Secrets [video]

https://www.youtube.com/watch?v=DAPXpfXRUPI
1•Bender•12m ago•0 comments

AI's "overnight" solution for our flaky tests took two weeks to adopt

https://thoughtbot.com/blog/what-it-took-to-use-this-overnight-ai-solution
1•herbertl•14m ago•0 comments

Show HN: I made AI agent that deploys your thing on diff plats automaticaly

https://shypmenta.com/
2•Aarav03790•18m ago•0 comments

Toxic pufferfish with vicious bite and lethal flesh invade Mediterranean beaches

https://www.dailymail.com/news/article-15955883/Toxic-pufferfish-Mediterranean.html
2•NewCzech•19m ago•0 comments

Man Dies by Suicide After Using Grok to Make 7000 Sexual Images of Stepdaughter

https://www.ibtimes.co.uk/xai-lawsuit-grok-ai-generated-child-abuse-images-1807932
3•randycupertino•19m ago•0 comments

Show HN: Token Governor – The cheapest LLM token is the one you never send

https://github.com/shipitamit/llm-token-governor
1•mavster26•21m ago•0 comments

The Winning Essays for the Big Questions About AI

https://www.dwarkesh.com/p/blog-prize-winners
1•herbertl•23m ago•0 comments

Circle Receives Final OCC Approval to Establish National Trust Bank

https://www.circle.com/pressroom/circle-receives-final-occ-approval-to-establish-national-trust-bank
1•petethomas•25m ago•0 comments

A Love Letter to Flashcards

https://lesleylai.info/en/flashcards/
13•surprisetalk•26m ago•2 comments

OpenAI's Atlas browser doesn't make it to its first birthday

https://www.theregister.com/ai-and-ml/2026/07/10/openais-atlas-browser-doesnt-make-it-to-its-firs...
4•LorenDB•27m ago•0 comments

Where Is Downtown?

https://www.observingthecity.ca/downtown-definer
5•newer_vienna•30m ago•2 comments

Why accessing cuBLAS, cuFFT, cuDNN from within your Java application

https://www.tornadovm.org/blogs/java-at-the-metal-cuda-graphs-tensor-cores-cublas-cudnn-cufft
3•mikepapadim•31m ago•0 comments

Adam Tooze on the AI Arms Race – Ones and Tooze [video]

https://www.youtube.com/watch?v=QevC7OrdJP8
1•verdverm•31m ago•0 comments
Open in hackernews

I've been fixing AI slop for 6 months and here's my observations

https://aislopfix.dev/
2•avdept•53m ago

Comments

avdept•53m ago
I've been fixing Ai slop code for last 6 months and here's my observations(yeah I saw that thread where folks charge $10k to fix/refactor code by reducing its size and I think its wrong approach, but this inspired me to write this post)

Few words about me so I could gain more trust before you read all text below: I'm softtare engineer, 17 years in industry, worked with pretty much any technology and language, including embedded development(had a project related to bmw kafas system) and had positions at few relatively big enterprise corpos

The first customers - I found few folks on reddit complaining about their project code quality and suggested to fix them for some fixed price. I charged $500 per project(they all were pretty small).

Alot of projects suffer from one issue - no data scoping, you could request somebody's data by just passing different id in url - be it order id, profile id, etc. Somehow all those projects were built in same manner/way. This still an issue even on modern LLMs in cases when original author isnt a technical.

Another issue was(much rarer now) - exposed private keys directly on frontend.

One more thing - a lot of apps suffer from absence of backend and passing all requests to database directly from frontend, basically opening database to everyone(you could see creds in frontend js bundle)

The most dangerous one I saw - billing related, when on error the app would swallow the error in try-catch block and basically even failed payments were treated as succesful, so one of customers(yeah it was LLM wrapper) lost some good money on failed payments by granting subscription to those folks. In fact, billing-related issues are taking a big part of fixes and refactors. For these things I usually add extensive test coverage with proper VCR cassettes, so that tests are run against real requests/responses and having VCRs I can actually have response with needed data(failure, etc)

Recently I hired a guy to help me with this work, so if you want someone to help with your app, I'm happy to assist.

Sorry for all typos, no AI used to create this text, all manually typed and edited(im not native speaker)

one33seven•45m ago
> you could request somebody's data by just passing different id in url

Developers should feed their models the OWASP Website. This is known as IDOR. https://cheatsheetseries.owasp.org/cheatsheets/Insecure_Dire...

avdept•43m ago
developers do(but honestly devs are much more rarely do these mistakes)

non-devs have no idea about security at all, except that they need login page lol