frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

I tricked Claude into leaking your deepest, darkest secrets

https://www.ayush.digital/blog/the-memory-heist
85•macleginn•1h ago•29 comments

Jurassic Park computers in excruciating detail

https://fabiensanglard.net/jurrasic_park_computers/index.html
322•vinhnx•4h ago•75 comments

Vancouver PD website features Quick Escape button that wipes itself from history

https://vpd.ca/
237•LookAtThatBacon•7h ago•94 comments

TS-2026-009: Insecure argument handling in Tailscale SSH permitted root access

https://tailscale.com/security-bulletins
129•jervant•6h ago•57 comments

Bonsai 27B: A 27B-Class model that runs on a phone

https://prismml.com/news/bonsai-27b
554•xenova•13h ago•198 comments

RISC-V Is Inevitable: State of the Union Keynote Argues

https://www.eetimes.com/risc-v-is-inevitable-state-of-the-union-keynote-argues/
21•signa11•1h ago•3 comments

Andon (manufacturing)

https://en.wikipedia.org/wiki/Andon_(manufacturing)
38•tony•3d ago•7 comments

The Tower Keeps Rising

https://lucumr.pocoo.org/2026/7/13/the-tower-keeps-rising/
446•cdrnsf•14h ago•211 comments

Dependabot version updates introduce default package cooldown

https://github.blog/changelog/2026-07-14-dependabot-version-updates-introduce-default-package-coo...
164•woodruffw•10h ago•100 comments

Cursor 0day: When Full Disclosure Becomes the Only Protection Left

https://mindgard.ai/blog/cursor-0day-when-full-disclosure-becomes-the-only-protection-left
330•Synthetic7346•13h ago•160 comments

How I use HTMX with Go

https://www.alexedwards.net/blog/how-i-use-htmx-with-go
209•gnabgib•11h ago•52 comments

Solving 20 Erdős Problems with 20 Codex Accounts Running in Parallel

https://www.starfleetmath.com/
117•colin7snyder•7h ago•51 comments

Microsoft Patches a Record 570 Security Flaws

https://krebsonsecurity.com/2026/07/microsoft-patches-a-record-570-security-flaws/
103•robin_reala•10h ago•48 comments

How to stop Claude from saying load-bearing

https://jola.dev/posts/how-to-stop-claude-from-saying-load-bearing
512•shintoist•19h ago•538 comments

I'm a USB-C Maximalist

https://shkspr.mobi/blog/2026/07/im-a-usb-c-maximalist/
255•speckx•16h ago•355 comments

The bread paradox: why convenience always wins, and why SaaS isn't doomed

https://www.joanwestenberg.com/p/the-bread-paradox-why-convenience
52•srijan4•1d ago•43 comments

Surprising lessons from my research scientist job search

https://yongzx.github.io/blog/2026/06/24/job-search/
3•gmays•4d ago•0 comments

Mathematical texts from a Maya site in Guatemala identify an ancient astronomer

https://www.nature.com/articles/d41586-026-02170-8
73•homarp•20h ago•21 comments

LeMario: Training a JEPA World Model on Super Mario Bros

https://www.benjamin-bai.com/projects/lemario
86•kevinjosethomas•9h ago•11 comments

The kids with phones are alright

https://heatherburns.tech/2026/07/08/the-kids-with-phones-are-alright/
192•JumpCrisscross•3d ago•166 comments

The largest available Minecraft world, totalling 15 TB

https://2b2t.place/1million
204•_____k•3d ago•70 comments

Launch HN: Agnost AI (YC S26) – Extract user feedback from agent conversations

https://agnost.ai
77•laalshaitaan•15h ago•37 comments

Probably check on your smart appliances

https://xeiaso.net/notes/2026/check-your-smart-tv/
60•xena•9h ago•20 comments

An unusual way for your DHCP server to run out of dynamic IPs

https://utcc.utoronto.ca/~cks/space/blog/sysadmin/DHCPServerAndScreamingHost
62•speckx•4d ago•14 comments

The Estranged Worlds of J. G. Ballard

https://lareviewofbooks.org/article/jg-ballard-illuminated-man-christopher-priest-nina-allan/
55•Caiero•1d ago•12 comments

Show HN: Juggler – an open-source GUI coding agent, by the creator of JUCE

https://github.com/juggler-ai/juggler
222•julesrms•2d ago•98 comments

The Trade in Looted Antiquities Endures for One Reason: Demand

https://news.artnet.com/art-world/matt-campbell-cambodia-looted-antiquities-2779870
14•derbOac•2d ago•5 comments

Are we offloading too much of our thinking to AI?

https://www.artfish.ai/p/offloading-thinking-to-ai
452•yenniejun111•16h ago•418 comments

C++20 Improved the For-Loop Syntax

https://lzon.ca/posts/tips/cpp-for-range-init/
35•jpmitchell•3d ago•47 comments

Your 'app' could have been a webpage (so I fixed it for you)

https://danq.me/2026/07/09/your-app-could-have-been-a-webpage/
786•MrVandemar•3d ago•473 comments
Open in hackernews

Proposal: Add bare metal support to Go

https://github.com/golang/go/issues/73608
85•rbanffy•1y ago

Comments

Someone•1y ago
FTA:

  // printk emits a single 8-bit character to standard output
  //
  //go:linkname printk runtime.printk
  func printk(c byte)
So, printing “Hello, world!”, necessarily will have to make 13 calls to this function. I think I would have required a printk that prints an array of bytes. I expect that can be significantly faster on lots of hardware.

In contrast, there’s

  // getRandomData generates len(b) random bytes and writes them into b
  //
  //go:linkname getRandomData runtime.getRandomData
  func getRandomData(b []byte)
Here, they seem to acknowledge that it can be faster to make a single call.
jeroenhd•1y ago
The method for printing uses an Intel UART driver to print characters. AFAIK, the standard low level UART generally only does single character transfers unless you write a (relatively) complex driver.

Rendering per string is better per string, but I'm not so sure how bad the difference is when it comes to UART but I doubt the system has enough throughput for the first implementation to matter.

90s_dev•1y ago
I wonder if this is related to that bare metal bios os post from a week or so ago. I asked the author why he used tty asm calls to print instead of calling int 10 directly and he said it was more efficient, but for different reasons.

https://news.ycombinator.com/item?id=43873822

Someone•1y ago
> The method for printing uses an Intel UART driver to print characters

The spec (rightfully) says “(e.g. serial console)”, not “Intel UART driver”.

You cannot know what bare metal you’re running on. On some hardware it could be sending data out over Bluetooth, USB or WiFi because that’s the only connection to the outside world.

ronsor•1y ago
Arguably `printk(c byte)` should be `printck(c byte)`, and there should be a separate `printk(s []byte)` that handles an array of bytes.

If `printk` isn't implemented, then fall back to repeated calls of `printck`.

lcarsip•1y ago
printk is the low level primitive for stdout printing and it's done this way as low level drivers generally only accept single characters.

There are upper level functions which simply takes a []byte and make fmt.Printf() work seamlessly and effectively when not printing on an UART that only takes a single character as output.

In TamaGo stdout is primarily used for debugging.

timewizard•1y ago
> Here, they seem to acknowledge that it can be faster to make a single call.

It calls the internal Fill function to fill 4 bytes of the slice at a time. That calls the rng assembly stub function which uses 'rdrand' to get 32bits of random data. Which gets called len(b)/4 times.

I don't think they did it for speed but rather to be more idiomatic.

Anyways, OSDev has had a "Go Bare Bones" page for quite a while:

https://wiki.osdev.org/Go_Bare_Bones

jasonthorsness•1y ago
We use 'scratch' containers for many of our Go applications, so they have no user-space stuff other than our application binary. It reduces exposure for security vulnerabilities. This proposal seems to be taking that approach to the extreme - not even a kernel. Super-interesting; I wonder if it could run on cloud VMs? How tiny could the image become?
jasonthorsness•1y ago
Looks like Tamago targets multiple VM runtimes https://github.com/usbarmory/tamago?tab=readme-ov-file
veggieroll•1y ago
How do you handle temp file space, timezone data, and other things that a minimal image provide?
kfreds•1y ago
Temp file space: Use RAM, or talk to host storage over Virtio.

Timezone data etc: You would have to fetch that over the network, or from a metadata API such as the one Firecracker provides to VM guests.

fpoling•1y ago
Services rarely need timezone done. So if one is OK with supporting only UTC, Go runtime works fine without any timezene data.

We use a minimal image to run in on AWS Nitro VM and it contains only kernel, init.d, the Go application file and TLS certificate roots with the root filesystem mounted over tmpfs.

Note that Nitro VM uses a custom kernel provided by AWS so the new proposal is not relevant for us. But if we could run Go directly in that VM, it will surely makes things faster and saves like 10% memory overhead. And it will also avoid OOM killer and few other bad unwanted interactions between Go runtime and Linux kernel memory management.

advanderveer•1y ago
I would be interested in this if it enabled deterministic simulation testing for the Go programming languages. There have been some efforts in this area but with little success.
rcarmo•1y ago
I use TinyGo, and it does that job well. Not sure if it’s necessary to mainline it.
lcarsip•1y ago
TinyGo targets an entirely different class of systems and is not something that can be upstream being a different compiler, see https://github.com/usbarmory/tamago/wiki/Frequently-Asked-Qu...
champtar•1y ago
For timezones data go already has https://pkg.go.dev/time/tzdata
kfreds•1y ago
> This proposal seems to be taking that approach to the extreme - not even a kernel.

To be fair, there is a kernel - the Go runtime. But since there is no privilege separation it classifies as a unikernel. Performance gains should be expected compared to a system where you have to copy data to/from guest VM kernel space to guest VM user space.

> I wonder if it could run on cloud VMs?

Yes. TamaGo currently runs in KVM guests with the following VMMs: Cloud Hypervisor, Firecracker microvm, QEMU microvm.

> How tiny could the image become?

Roughly the same size as your current Go binary. TamaGo doesn't add much.

ignoramous•1y ago
> To be fair, there is a kernel - the Go runtime.

I like Anil Madhavapeddy's definition for such setups. A compiler that just refuses to stop:

  MirageOS is a system written in pure OCaml where not only do common network protocols and file systems and high-level things like web servers and web stacks can all be expressed in OCaml but the compiler just refuses to stop ... compiler, instead of stopping and generating a binary that you then run inside Linux or Windows, will continue to specialize the application that it is compiling and ... emit a full operating system that can just boot by itself.
https://signalsandthreads.com/what-is-an-operating-system / https://archive.vn/yLfkq
eyberg•1y ago
Cloud vms are a main target for unikernels, however, as Russ mentions in one of the linked issues there actually is quite a lot of other code you need to include in your system depending on what you are deploying to.

For instance systems with arm64 might need UEFI or if you enable SEV now you need additional support for that which is why I'd agree with Russ's stance on this.

Every time someone asks us to provide support for a new cloud instance type (like a graviton 4 or azure's arm) we have to go in and sometimes provide a ton of new code to get it working.

kfreds•1y ago
I assume you're referring to this[1]. I don't think it's necessary to bring all of that into the Go runtime itself, or ask the Go team to maintain it. It would be part of your application, and similar to a board support package.

TamaGo already supports UEFI on x86, and that too would be part of the BSP for your application, not something that would need to be upstreamed to Go proper. Same for AMD SEV SNP.

As for you (nanovms) supporting new instance types, wouldn't it be nice to do that work in Go? :)

Edit: I wonder how big the performance impact would be if you used TamaGo's virtio-net support instead of calling from Go into nanos.