frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

What is Property Based Testing? (2016)

https://hypothesis.works/articles/what-is-property-based-testing/
1•downbad_•3m ago•0 comments

Bacteria turning uranium into stable compound

https://scitechdaily.com/bacteria-turn-toxic-uranium-into-a-surprisingly-stable-compound/
1•Gaishan•6m ago•0 comments

Ask HN: How do you use LLMs for private discussions?

2•emerongi•8m ago•2 comments

Europe's productivity keeps outpacing the US

https://sethackerman.substack.com/p/europes-productivity-keeps-outpacing
1•ZeljkoS•9m ago•0 comments

Advice to New Managers: Don't Joke About Firing People (2020)

https://staysaasy.com/engineering/2020/06/09/Don%27t-Joke.html
1•downbad_•12m ago•0 comments

Where did my segfault go?

https://rmpr.xyz/Where-did-my-segfault-go/
2•birdculture•13m ago•0 comments

Good for business or profit at any cost: Private equity's controversial side

https://www.theguardian.com/business/ng-interactive/2026/jun/29/private-equity-visual-explainer-u...
2•gmays•13m ago•0 comments

Show HN: Bananarr – Peel Back the Tech Stack of Any Website

https://bananarr.com/
1•ernsheong•14m ago•0 comments

Show HN: Sleep external displays connected to a MacBook after closing lid

https://github.com/KristijanKocev/lidwatch
1•justAnotherHero•14m ago•0 comments

The Trouble with Effortless Code

https://codeplusconduct.substack.com/p/the-trouble-with-effortless-code
1•mooreds•19m ago•0 comments

A top Russian oligarch breaks the silence

https://www.economist.com/1843/2026/07/09/a-top-russian-oligarch-breaks-the-silence
3•mooreds•21m ago•1 comments

Show HN: Personal Biohacking Lab

https://selfassay.com
1•ainthusiast•25m ago•0 comments

I trained a 113M-parameter earthquake LLM from absolute scratch

https://github.com/jiazhe868/nanogpt-seis
2•jzsfg•27m ago•0 comments

"A Clockwork Orange" Nadsat Dictionary

https://www.mattiavaccari.net/mis/nadsat.html
2•yubblegum•28m ago•0 comments

I built a community ranking platform for everything – would love brutal feedback

https://peakd.io
1•GroguMaster•30m ago•0 comments

Believe the Hype About Teen Takeovers

https://www.theatlantic.com/ideas/2026/07/teen-takeovers-violence-dc/687866/
4•paulpauper•32m ago•0 comments

American Loneliness

https://www.theatlantic.com/ideas/2026/07/america-birthday-250-roadtrip/687877/
2•paulpauper•33m ago•1 comments

UI Degrades over Time

https://grumpy.website/1723
2•petilon•34m ago•1 comments

AI is the new Printing Press (another trite take)

https://idan.substack.com/p/ai-is-the-new-printing-press
1•idanb•36m ago•0 comments

Profiling the "Abundance" housing bottleneck with real data

https://laxmena.com/same-capacity-less-throughput
1•laxmena•40m ago•0 comments

Show HN: Almanac – A self-updating wiki from your files

https://usealmanac.com
1•reveriedev•40m ago•0 comments

Full Emoji List, v17.0

https://unicode.org/emoji/charts/full-emoji-list.html
2•mooreds•41m ago•0 comments

Archaeology team unearths 'prototype' of world-famous Stonehenge monument

https://apnews.com/article/stonehenge-britain-discovery-summer-solstice-36f8517159a9e750c1042bebd...
2•zdw•44m ago•0 comments

I made a free Islamic prayer app to quit saying "I'll pray in 5 minutes"

https://better-prayer.com
2•Adam-Hincu•44m ago•1 comments

Why recruiters can't find workers and new grads can't find jobs (it's not AI)

https://www.washingtonpost.com/education/2026/07/12/why-recruiters-cant-find-workers-new-grads-ca...
2•rustoo•45m ago•2 comments

Nuclear war survival guide reveals seven everyday items if disaster strikes

https://www.dailymail.com/sciencetech/article-15795297/Forgotten-nuclear-war-survival-guide-revea...
7•Bender•51m ago•5 comments

Crayola Marker Airbrush Kit

https://www.crayola.com/products/toys/marker-airbrush-kit-747669
1•turtleyacht•51m ago•0 comments

MacSurf 2.0 – Netsurf for Mac OS 9 Released

https://github.com/mplsllc/macsurf/releases/tag/v2.0
2•mplsllc•53m ago•0 comments

Show HN: PitchTrail – Perfect Pitch for Kids

https://pitchtrail.app/
2•theckel•55m ago•0 comments

UN adopts first binding framework for automated driving systems

https://www.heise.de/news/Meilenstein-fuer-Robotaxis-UN-verabschiedet-globales-Recht-fuer-autonom...
1•logickkk1•58m ago•0 comments
Open in hackernews

Since Chromium 148, Math.tanh is now fingerprintable to link underlying OS

https://scrapfly.dev/posts/browser-math-os-fingerprint/
114•joahnn_s•1h ago

Comments

joahnn_s•1h ago
We noticed Chromium Math.tanh since v148 returned a different result, so we dig it - it's now a fingerprintable surface to retrieve the OS Chromium run on
dmitrygr•1h ago
Interesting reporting, marred by obvious llm-slop-sounding writing. "You are not building..., you are ..."
netsharc•27m ago
Why "slop-sounding"? It's definitely LLM slop.

Man, why the fuck don't they just make a powerpoint with bullet points if all the sentences are like that.

sjrd•1h ago
I guess that's one more good reason to push for correctly rounded transcendental functions. I recently learned that they're basically solved now. [1]

[1] https://arith2026.org/program.html (2nd keynote)

Retr0id•58m ago
Tangential, but wow do they really register a new domain for each year and renew it in perpetuity?
yzydserd•48m ago
arith2027.org taken, arith2028.org available.
Retr0id•48m ago
Well, there's an arbitrage opportunity if I ever saw one
voxl•34m ago
They would just choose a different domain name, it's not that important and the previous years tend to forward link anyway.
torginus•17m ago
I never understood why fixed precision, and integer math isn't more popular. In engineering, we used fixed point all the time, it ran on much simpler hardware and the error is mathematically easy to model. IEEE 754 floats are not only suspect when it comes to theory, but are often outperformed with integers smaller than the mantissa (so less than 24 bits of int can beat a 32 bit float), when it comes to things like loss of precision.
Retr0id•1h ago
Thanks for the writeup, claude
_alternator_•54m ago
Yeah, interesting finding in the headline, the rest is just Claude.
drnick1•56m ago
This is interesting, but even without relying on JS, most users are already fingerprintable by the combination of IP + user agent.
Aurornis•55m ago
> One tanh call on the right input is a per-OS signature. Claim macOS, return Linux math bits, and you have contradicted your own User-Agent.

They (or rather the LLM that wrote this) missed that this is possibly fingerprintable to browser version range, which is slightly more interesting. Most users aren't spoofing their user agent headers to be a different operating system. Most fingerprinting solutions aren't trying to infer your operating system, they only care about semi-unique things that show up.

It's an interesting finding. I wish they had taken some time to have a real person write it up. This is too heavily LLM written to ignore.

jeroenhd•50m ago
> Most users aren't spoofing their user agent headers to be a different operating system.

The people behind the LLM behind this blog post are. They're trying to pretend their robots are people to sell other websites' data to their customer. It's easier to pass bot detection gates if you pretend to be a physical machine running Windows or macOS than if you honestly admit you're using Linux on a VM.

reactordev•28m ago
The Internet is a cesspool of scams now
d1ss0nanz•20m ago
Always was.
pocksuppet•8m ago
scraping, however, is not intrinsically a scam.
jeroenhd•53m ago
Kind of a smart move by this company: write up an AI analysis of all fingerprinting techniques in hopes they get fixed after outrage so their scraping company can make more money. If it weren't for companies like this, fingerprinting wouldn't be so ubiquitous and the internet would be a better place in general.

I prefer articles like this coming from the other side of the battle (fingerprint.js and friends) because at least their motives are clear.

codedokode•25m ago
I disagree, fingerprinting is necessary to track humans and it will be used regardless of scrapers being there or not.
a-dub•50m ago
how hardened are modern browsers with respect to detecting underlying os? seems like there would be loads of gaps?
amelius•49m ago
Can't we make fingerprinting illegal, as in, jailtime illegal?

Would not solve everything but still help a lot.

chaboud•40m ago
I'd rather penalize the application than the technique. Windows was rumored to long have "quirks" that would do better things for apps that had bugs that the OS ended up fixing instead of the app.

Javascript systems have long had polyfills for varied browser feature comparability gaps.

Whether you agree with these, making probing detection via fingerprinting illegal would take away this lever. Making surreptitious tracking via fingerprinting illegal? Even for state actors?

Yeah, that's probably reasonable. If someone is going to wear a tracking collar in exchange for "free" services, a little disclosure makes sense.

Terr_•22m ago
Yeah, the problem is how the data is kept and abused afterwards.
akersten•33m ago
Why should it be illegal for me to recognize the way you walk into my store, even though you're wearing a mask and a trenchcoat? Some vague sense of indignation?

Yeah, tracking bad, I get it, but are whatever damages that kind of legislation would prevent (probably nothing measurable) really more important than fixing the easy, in our face social problems that politicians could instead be focusing on?

altcognito•27m ago
Because you don't have a right to know everything about me, follow me to my home, my purchasing preferences, and so on and so forth.
mrsssnake•32m ago
JavaScript was a mistake.
qurren•31m ago
just inject this with your favorite JS injection plugin

    let oldTanh = Math.tanh;
    Math.tanh = x => oldTanh(x) + Math.random()/10000000;
sanxiyn•19m ago
The article addresses this: search for "No noise".
chjj•18m ago
it's elegant, but i prefer:

    Math.tanh = Math.random;
gruez•4m ago
Great, now you'll be outed as "hides fingerprint", which is probably more identifying than if you returned a normal value.
torginus•23m ago
What I don't get is that Chrome is hundreds of megabytes of just executable code, I assumed they statically linked half the userland. Also, I though tanh isn't a function, but an intrinsic emitted by the JS JIt that uses CPU instructions - which might be fingerprintable as well, but it's weird that for a math operation, you need to branch to a 'dlsym()' function.
coppsilgold•13m ago
Even Tor Browser (/mullvad-browser) gave up trying to obscure the operating system, though arguably they shouldn't have. There appear to be too many fingerprinting vectors.
mplewis
•
5m ago
It is when you're doing it like the LLM companies are: at scale, to the degree that you're taking down my site, without my consent by masking your user-agent, for the purpose of stealing data I didn't authorize you to have.
acters•15m ago
It's sometimes easier to lie than to tell the truth, and being on Linux telling the truth gets me more scrutiny than those pretending to be legit.
joahnn_s•6m ago
You can only assert >148 at the moment, but there are better vectors to strictly assert the version by simply checking the addition of v8/blink on each chromium version (and since ~120 it's the case), so by checking if xxx is present and yyy is not present in js userland or css feature, the inference is 100% for the major version

And for the LLM writing, yes, it's written in the article and blog, it's not hidden or pretending, otherwise I would never publish an article due to lack of time, and I assume

lorecore•25m ago
> Why should it be illegal for me to recognize the way you walk into my store, even though you're wearing a mask and a trenchcoat?

If you have that right, the public should have the right to know you're doing this before they enter your store, so they can avoid it.

Same with the websites, they should, legally, have to say they're about to fingerprint you so that you can close your browser tab and never come back.

thepasch•22m ago
> Why should it be illegal for me to recognize the way you walk into my store

If you did it in just your store, that wouldn't be a problem. The correct analogy, however, is "why should it be illegal for me to attach a perfectly traceable and invisible air-tag to you when you enter my store, without your explicit consent, and subsequently follow and document your every movement no matter where you go, as long as that location has a business relationship with my store, and also my store is the most popular chain on the planet that has business relationships with basically any relevant business that exists." And I don't think the answer to this one shouldn't be particularly difficult to arrive at.

akersten•15m ago
Well it's not really an airtag, I don't "attach" anything to your browser when I check what its GPU can do.

That's just a description of you that I share with my other stores. Casinos, Target, Burger King, etc all do this when you get 86'd, for example.

kaladin-jasnah•5m ago
Isn't fingerprinting used across many different websites? Then the analogy would be a number of stores colluding to recognize the same person across all stores?

(I have no idea, I don't know too much about this)

bloody-crow•30m ago
I don't think it'd be possible to define fingerprinting narrowly enough to not also outlaw perfectly normal and legitimate usecases.
codedokode•23m ago
Why don't you ask browser developers to stop adding features helping fingerprinting? Browsers even have some API for tracking ad clicks (attribution API or something) and user interests tracking API which nobody of the users needs.
joahnn_s•18m ago
The thing is that's not done on purpose and too hard to figure out how this has an impact underneath, if you read the v8 commit https://chromium.googlesource.com/v8/v8/+/c1486295ae5bcb0f8f... it's on a complete good faith