frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Start all of your commands with a comma

https://rhodesmill.org/brandon/2009/commands-with-comma/
100•theblazehen•2d ago•22 comments

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

https://openciv3.org/
654•klaussilveira•13h ago•189 comments

The Waymo World Model

https://waymo.com/blog/2026/02/the-waymo-world-model-a-new-frontier-for-autonomous-driving-simula...
944•xnx•19h ago•549 comments

How we made geo joins 400× faster with H3 indexes

https://floedb.ai/blog/how-we-made-geo-joins-400-faster-with-h3-indexes
119•matheusalmeida•2d ago•29 comments

What Is Ruliology?

https://writings.stephenwolfram.com/2026/01/what-is-ruliology/
38•helloplanets•4d ago•38 comments

Unseen Footage of Atari Battlezone Arcade Cabinet Production

https://arcadeblogger.com/2026/02/02/unseen-footage-of-atari-battlezone-cabinet-production/
47•videotopia•4d ago•1 comments

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

https://github.com/valdanylchuk/breezydemo
227•isitcontent•14h ago•25 comments

Jeffrey Snover: "Welcome to the Room"

https://www.jsnover.com/blog/2026/02/01/welcome-to-the-room/
13•kaonwarb•3d ago•17 comments

Monty: A minimal, secure Python interpreter written in Rust for use by AI

https://github.com/pydantic/monty
219•dmpetrov•14h ago•113 comments

Show HN: I spent 4 years building a UI design tool with only the features I use

https://vecti.com
327•vecti•16h ago•143 comments

Sheldon Brown's Bicycle Technical Info

https://www.sheldonbrown.com/
378•ostacke•19h ago•94 comments

Hackers (1995) Animated Experience

https://hackers-1995.vercel.app/
487•todsacerdoti•21h ago•240 comments

Microsoft open-sources LiteBox, a security-focused library OS

https://github.com/microsoft/litebox
359•aktau•20h ago•181 comments

Show HN: If you lose your memory, how to regain access to your computer?

https://eljojo.github.io/rememory/
286•eljojo•16h ago•167 comments

An Update on Heroku

https://www.heroku.com/blog/an-update-on-heroku/
409•lstoll•20h ago•275 comments

Vocal Guide – belt sing without killing yourself

https://jesperordrup.github.io/vocal-guide/
21•jesperordrup•4h ago•12 comments

Dark Alley Mathematics

https://blog.szczepan.org/blog/three-points/
87•quibono•4d ago•21 comments

PC Floppy Copy Protection: Vault Prolok

https://martypc.blogspot.com/2024/09/pc-floppy-copy-protection-vault-prolok.html
59•kmm•5d ago•4 comments

Where did all the starships go?

https://www.datawrapper.de/blog/science-fiction-decline
3•speckx•3d ago•2 comments

Delimited Continuations vs. Lwt for Threads

https://mirageos.org/blog/delimcc-vs-lwt
31•romes•4d ago•3 comments

How to effectively write quality code with AI

https://heidenstedt.org/posts/2026/how-to-effectively-write-quality-code-with-ai/
250•i5heu•16h ago•194 comments

Was Benoit Mandelbrot a hedgehog or a fox?

https://arxiv.org/abs/2602.01122
15•bikenaga•3d ago•3 comments

Introducing the Developer Knowledge API and MCP Server

https://developers.googleblog.com/introducing-the-developer-knowledge-api-and-mcp-server/
56•gfortaine•11h ago•23 comments

I now assume that all ads on Apple news are scams

https://kirkville.com/i-now-assume-that-all-ads-on-apple-news-are-scams/
1062•cdrnsf•23h ago•444 comments

Why I Joined OpenAI

https://www.brendangregg.com/blog/2026-02-07/why-i-joined-openai.html
144•SerCe•9h ago•133 comments

Learning from context is harder than we thought

https://hy.tencent.com/research/100025?langVersion=en
180•limoce•3d ago•97 comments

Understanding Neural Network, Visually

https://visualrambling.space/neural-network/
287•surprisetalk•3d ago•41 comments

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

https://infisical.com/blog/devops-to-solutions-engineering
147•vmatsiiako•18h ago•67 comments

Show HN: R3forth, a ColorForth-inspired language with a tiny VM

https://github.com/phreda4/r3
72•phreda4•13h ago•14 comments

Female Asian Elephant Calf Born at the Smithsonian National Zoo

https://www.si.edu/newsdesk/releases/female-asian-elephant-calf-born-smithsonians-national-zoo-an...
29•gmays•9h ago•12 comments
Open in hackernews

Tell HN: Gmail tampers with incoming email body content

10•chrisjj•6mo ago
Comparing Gmail page source with message original on for example the latest genuine Amazon scam warning shows linkification of "amazon.co.uk" by Gmail. Quite ironic given the warning about links in scam mails.

Gmail: https://i.imgur.com/MQH1shA.png Fastmail: https://i.imgur.com/tczhO8g.png

Gmail Print likewise: https://i.imgur.com/SWoPXqs.png

God help anyone printing emails to shows tampering or lack of for a legal case. And does Gmail have any "Display un****ed" option?? Er, no.

And Amazon, perhaps check your emails on the world's top web client?

Comments

nubg•6mo ago
I don't get what the problem is? Gmail turns text that looks like a link into a clickable link. What could the negative implications of that be?
john01dav•6mo ago
If they have some system to edit emails as they come in, then other less benign editing could be present, either profitable-malicious or from a bug. With no indication of editing and no easy way to view an unedited email this would also fly under the radar in many cases.
jsnell•6mo ago
Why in the world are you and the op calling this "editing"?

Like, the OP clearly does not understand the distinction between rendering the email and storing it, given their "evidence". But you do understand the difference. Why take their confusion at face value like that?

john01dav•6mo ago
I was answering the question about why it would be a problem if the evidence is correct. If the evidence is valid is a separate issue which I made a separate comment about.
chrisjj•6mo ago
The OP is not calling editing.

And storing? How is that in any way relevant?

jsnell•6mo ago
Fair enough, sorry about that. You called it "tampering" and "alteration". But honestly I don't see any distinction to "editing". All of those imply that the email is being changed. It isn't. The email is stored on disk just like it was sent, and that is observable in a number of ways (show original, fetch it with imap, forward the email).

And that's why storage is relevant. Your complaint was apparently just about how the email is rendered. There is no standard for how that should be done. Like, did you complain that your emails were being tampered with back in the day when you wrote them in a terminal with a fixed width font but someone viewed them in Outlook with a variable width font? I'd like to say that of course you didn't, because what would be a totally absurd complaint, but then again so is your actual complaint as well.

chrisjj•6mo ago
> You called it "tampering"

Yes.

> and "alteration"

No.

> But honestly I don't see any distinction to "editing". All of those imply that the email is being changed. It isn't. The email is stored on disk

This isn't about stored form. It is about displayed form - which is all that most users get.

> Your complaint was apparently just about how the email is rendered. There is no standard for how that should be done.

The standard is the expectation it is faithful to the sent form. This case fails that.

> Like, did you complain that your emails were being tampered with back in the day when you wrote them in a terminal with a fixed width font but someone viewed them in Outlook with a variable width font?

No. But someone did complain "Why are the tables messed up?" :)

Fortunately that wasn't a security issue.

chrisjj•6mo ago
Facilitating phishers.
VladVladikoff•6mo ago
I’m so confused. Isn’t Amazon.co.uk their official domain in the UK? How is that link a scam?
endominus•6mo ago
The OP is not claiming that the link is being changed; the complaint is that a hyperlink is being generated from the plaintext URL. The HTML body of the email is being modified.
chrisjj•6mo ago
No-one said that link is a scam. But the next one could be.
john01dav•6mo ago
In what client are you viewing this in your screenshots? If their web mail client displays things as links that's much less concerning to me than the SMTP backend tampering. It's expected for an email client to have quality of life features.
chrisjj•6mo ago
The client is as per the labels. Gmail, Fastmail.

> It's expected for an email client to have quality of life features.

Yup. Phishers deserve quality too!

Consider a phish-warning email saying "genuine emails from us will never contain links"... showing these links.

andylynch•6mo ago
Outlook’s done this for like a decade? Ditto Apple mail.

I think they do the same with email addresses and phone numbers too, it’s kind of useful and not a big deal.

AlexErrant•6mo ago
> does Gmail have any "Display un**ed" option?? Er, no.

On the email, click the dotdotdot, show original. https://imgur.com/a/ymjtfCI

chrisjj•6mo ago
Original HTML/base64 is not useful.
meinersbur•6mo ago
GMail (and Fastmail) are rendering the email. It just happens that the email and we webbrowser are both HTML. In no case should they just literally forward the email HTML to the browser. They scrub JavaScript, non-whitelisted HTML elements, rewrite links/external resources including tracking pixels.

You can see the raw email with "show original" in the options

Redoubts•6mo ago
Meh, macOS’s Mail.app approach of everything-but-the-JavaScript is great and I wish outlook & Gmail did it too
chrisjj•6mo ago
> They scrub ... non-whitelisted HTML elements

Any documenation on that list?

meinersbur•6mo ago
https://help.zapier.com/hc/en-us/articles/8496101927181-What...

I don't think there is an official list. It is security-related and changes over time

chrisjj•6mo ago
Thanks.

> It is security-related and changes over time

That would explain why new prints of an old message don't match old.

beardyw•6mo ago
I'm afraid my righteous indignation only flickered slightly.
politelemon•6mo ago
All web clients choose how to render their emails and there will be variations. This is not tampering.
chrisjj•6mo ago
It is, where the alteration is unauthorised.

I do not recall the Google terms seeking such authorisation.

Is there even an option to disable?