frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Show HN: LocalGPT – A local-first AI assistant in Rust with persistent memory

https://github.com/localgpt-app/localgpt
79•yi_wang•3h ago•24 comments

SectorC: A C Compiler in 512 bytes (2023)

https://xorvoid.com/sectorc.html
236•valyala•10h ago•46 comments

Haskell for all: Beyond agentic coding

https://haskellforall.com/2026/02/beyond-agentic-coding
30•RebelPotato•2h ago•6 comments

Speed up responses with fast mode

https://code.claude.com/docs/en/fast-mode
147•surprisetalk•10h ago•147 comments

Software factories and the agentic moment

https://factory.strongdm.ai/
181•mellosouls•13h ago•334 comments

Brookhaven Lab's RHIC concludes 25-year run with final collisions

https://www.hpcwire.com/off-the-wire/brookhaven-labs-rhic-concludes-25-year-run-with-final-collis...
65•gnufx•9h ago•55 comments

Hoot: Scheme on WebAssembly

https://www.spritely.institute/hoot/
175•AlexeyBrin•16h ago•32 comments

Stories from 25 Years of Software Development

https://susam.net/twenty-five-years-of-computing.html
156•vinhnx•13h ago•16 comments

LLMs as the new high level language

https://federicopereiro.com/llm-high/
46•swah•4d ago•95 comments

First Proof

https://arxiv.org/abs/2602.05192
127•samasblack•13h ago•76 comments

Vocal Guide – belt sing without killing yourself

https://jesperordrup.github.io/vocal-guide/
300•jesperordrup•20h ago•95 comments

Show HN: I saw this cool navigation reveal, so I made a simple HTML+CSS version

https://github.com/Momciloo/fun-with-clip-path
71•momciloo•10h ago•14 comments

FDA intends to take action against non-FDA-approved GLP-1 drugs

https://www.fda.gov/news-events/press-announcements/fda-intends-take-action-against-non-fda-appro...
98•randycupertino•6h ago•215 comments

Al Lowe on model trains, funny deaths and working with Disney

https://spillhistorie.no/2026/02/06/interview-with-sierra-veteran-al-lowe/
98•thelok•12h ago•22 comments

Start all of your commands with a comma (2009)

https://rhodesmill.org/brandon/2009/commands-with-comma/
569•theblazehen•3d ago•206 comments

Show HN: A luma dependent chroma compression algorithm (image compression)

https://www.bitsnbites.eu/a-spatial-domain-variable-block-size-luma-dependent-chroma-compression-...
35•mbitsnbites•3d ago•3 comments

Vouch

https://twitter.com/mitchellh/status/2020252149117313349
37•chwtutha•1h ago•6 comments

Show HN: Axiomeer – An open marketplace for AI agents

https://github.com/ujjwalredd/Axiomeer
8•ujjwalreddyks•5d ago•2 comments

The AI boom is causing shortages everywhere else

https://www.washingtonpost.com/technology/2026/02/07/ai-spending-economy-shortages/
289•1vuio0pswjnm7•17h ago•466 comments

Microsoft account bugs locked me out of Notepad – Are thin clients ruining PCs?

https://www.windowscentral.com/microsoft/windows-11/windows-locked-me-out-of-notepad-is-the-thin-...
130•josephcsible•8h ago•158 comments

I write games in C (yes, C) (2016)

https://jonathanwhiting.com/writing/blog/games_in_c/
182•valyala•10h ago•165 comments

Selection rather than prediction

https://voratiq.com/blog/selection-rather-than-prediction/
30•languid-photic•4d ago•9 comments

The F Word

http://muratbuffalo.blogspot.com/2026/02/friction.html
113•zdw•3d ago•56 comments

The silent death of good code

https://amit.prasad.me/blog/rip-good-code
83•amitprasad•5h ago•76 comments

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

https://openciv3.org/
899•klaussilveira•1d ago•275 comments

Learning from context is harder than we thought

https://hy.tencent.com/research/100025?langVersion=en
227•limoce•4d ago•125 comments

Where did all the starships go?

https://www.datawrapper.de/blog/science-fiction-decline
144•speckx•4d ago•227 comments

Reinforcement Learning from Human Feedback

https://rlhfbook.com/
115•onurkanbkrc•15h ago•5 comments

Unseen Footage of Atari Battlezone Arcade Cabinet Production

https://arcadeblogger.com/2026/02/02/unseen-footage-of-atari-battlezone-cabinet-production/
145•videotopia•4d ago•48 comments

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

https://github.com/valdanylchuk/breezydemo
301•isitcontent•1d ago•39 comments
Open in hackernews

Traffic Light Protocol

https://www.first.org/tlp/
59•eXpl0it3r•3mo ago

Comments

woodruffw•3mo ago
I've always found TLP confusing: it's not really clear (despite definition) what a community or organization is, which means that there's no clear decision procedure for determining whether a degree of access has been violated.

In my experience doing security embargos/disclosures, it's a lot easier to just explicitly enumerate the set of people/organizational entities who should be given access to non-public information.

yohannparis•3mo ago
From the protocol the community and organization needs to be defined by the source of the information. If not, then it cannot be shared without request from the source. They even have example for those situations.
woodruffw•3mo ago
It's not clear to me that I'm not able to meaningfully define these things, or that I'm even remotely unique in being unable to!
MattSayar•3mo ago
In practice, "organization" usually means your company or business. "The community" usually means an Information Sharing and Analysis Center (ISAC) aka a group of similar orgs that share information with each other; think financial services companies in the US, or energy companies in Japan.
woodruffw•3mo ago
Okay, maybe I'm just not the target audience for this. I didn't know what an ISAC was, but I've seen plenty of TLP markers on open source disclosures where it was exceedingly unclear what a "community" meant w/r/t appropriate sharing.
MattSayar•3mo ago
Yeah, in the cybersecurity space it's a lot more prevalent. TLP:CLEAR, if you will.
tptacek•3mo ago
He's a security practitioner.
tptacek•3mo ago
You know what an ISAC is. It's a meetup of beardy mid-level security managers from huge companies.
woodruffw•3mo ago
I'll save myself some embarrassment and say that I just didn't know that ISAC was the collective noun for that :-)
integralid•3mo ago
If you see something publicly it's TLP:White (or clear, since it was changed for weird readons) by definition. But yeah it's a term specific to it security, where it's usually well understood what TLP:Amber and TLP:Red means. I agree TLP:Green is a bit more fuzzy, and the intention is often basically "share with trusted parties but don't post publicly".
sxzygz•3mo ago
Since you’re being abstruse, consider information by definition is in possession by an entity (or rephrased a property of a system). For that information to move the system needs to be brought into contact with another system, and it is the nature of this contact that is being policed. If information doesn’t have an ambient system that is discernible then there is no distinction to be made if its sensitivity—it may as well be noise.
woodruffw•3mo ago
...what?
MeetingsBrowser•3mo ago
using the word abstruse is abstruse
seanhunter•3mo ago
> it's not really clear (despite definition) what a community or organization is

To make the parent’s point more obvious for people who are not used to a large enterprise context, concretely for example, at my workplace (which I would consider typical of a large organization) there are:

1) Regular employees and contractors who are employed by the main employer.

2) Employees who work for different legal entities from the main employer, have different sso domains handling their auth (and email domains for systems that do sharing protections via email) but are “really” part of the same company for security purposes. Think say people who came in as part of a merger but for various reasons their legal entity and brand needs to stick around so they have different auth, email etc.

3) People who work for actually different companies, have the same sso domains handling handling their auth and the same email domain as people in bucket 1 because we’ve given them logins and are working on sensitive security stuff (think: vendors and vendor contractors in the security or legal space)

4) People who work for actually different companies, have the same sso domains etc as bucket 1 and are not working on sensitive security stuff (think: vendors and vendor contractors everywhere else)

…and people sometimes move between groups 3 and 4 on a project by project basis. Notice all of these are “bound by common policies set by the organization” so all of them are in the “organization” for TLP at least by the second part of the definition, but 2,3 and 4 but don’t share a common affiliation by formal membership so are not part of the “organization” for the first half of the TLP definition.

So if I get a TLP:Amber document, who am I allowed to share it to? I should be sharing it to some of 1, 2 and 3 on a need to know basis. Most automated permission systems will allow me only to share it easily only with people in 1 and 3 or 4, and since people can move between 3 & 4 based on assignment it’s hard to know (and pretty much impossible to tell automatically) if some degree of access violation has occurred. People in 2 are generally sool if we’re trying to share things and I’m not prepared to handwave through the scary-looking “are you sure you want to share this with person x who isn’t from our org?” Boxes.

Basically explicit enumeration is just going to be way better any time you want to be doing this type of thing in the real world.

ape4•3mo ago
Wikipedia article: https://en.wikipedia.org/wiki/Traffic_Light_Protocol

Its NOT about controlling traffic lights. Some are networked ("synchronized") so it might be interesting to read about how that's done. https://en.wikipedia.org/wiki/Traffic_light_control_and_coor...

hexomancer•3mo ago
Yeah I got exited thinking this is about traffic lights. I use a bike to commute to work and recently I was thinking if I could adjust my cycling cadence so that I never hit a red light, but unfortunately the timing of the traffic lights in my city is not constant. If there was a publicly accessible API to get the current timing info, I could write an app to do that.
helterskelter•3mo ago
If you're in America, take a look at the strobe on top of school busses. I'm not sure if they still have them (they used to). It would flash at a specific frequency and trip a photovoltaic sensor connected to the traffic light, which would turn it green so the kids aren't late for class. If you had a bright enough strobe which flashed at the same frequency...you get the idea.
pavel_lishin•3mo ago
Is that actually true? I've heard of ambulances & police cars having such devices, but they were supposed to be infrared.

The last time I saw the strobe on top of a school bus active, it was when I was a passenger in one, driving down the freeway at night, and it wasn't strobing particularly fast. It's possible that our driver just forgot to turn it off, I suppose - he was that kind of guy.

jagged-chisel•3mo ago
School buses in my state are legally required to run the strobe when passengers are onboard.

No two strobes I have seen strobe at the same frequency. I think this traffic control story is urban legend.

jagged-chisel•3mo ago
Emergency vehicles have devices that announce their presence to get traffic lights to change in their favor. “Kids being late to class” is not on the order of importance to create a complex scheme to change traffic lights based on strobe lights from a bus.

Sounds like urban legend.

Yeroc•3mo ago
We definitely have this system in place in some cities in Canada, primarily for express bus routes.
dylan604•3mo ago
So as a driver, you want to follow an express route bus when you can?
toast0•3mo ago
Bus priority lanes and traffic lights that give priority to busses are definitely a thing. Usually for municipal busses and not school busses, but I'd expect a community that had priority lights for busses would allow school busses onto the system as well.

Not specifically to avoid late arrivals of pupils, but because prioritizing many passenger vehicles is valuable.

dylan604•3mo ago
I never heard about this being used on school busses. This was always something for emergency services like firetrucks/ambulances to not have to sit in traffic at a red light, but it was only active if they were actively responding to a call with their lights on. Otherwise, they sit at the lights too.
euroderf•3mo ago
A newspaper article told of a mayor of some city that had one installed so he could zip along to emergencies.
gwbas1c•3mo ago
That wikipedia article makes a whole lot more sense defining what the traffic light protocol is. At first I thought this was some kind of tech protocol that's implemented by a computer. Now I realized it's an informal protocol.
lbourdages•3mo ago
I was at a security conference recently and one of the presentations had some TLP:RED slides in it.

I couldn't help but find that pointless. The conference is open to the public, the only barrier to entry being a small amount of money to purchase a ticket. How would that prevent bad actors from signing up to access the sensitive information?

It absolutely makes sense when used within an organization where access/membership is properly vetted, but there, I feel like there was no point.

9x39•3mo ago
You're right that it doesn't make sense. It suggests a failure in data handling (who can I share this with?).

A lot of these are borrowed from the US .gov in which prosecution is a relatively effective way to get compliance with these policies, but, and I'll take some license here, are copied to appear sophisticated by unsophisticated players outside of that.

integralid•3mo ago
You're completely right: if that's not an invite only or vetted conference (that exist), this is just a marketing gimmick to grab people attention. People who do that either don't understand what you feel intuitively, or do this attention grabbing thing intentionally. Just like "no media" presentations that just post their slides online later.
ramses0•3mo ago
I've self-discovered a similar categorization for my imaginary social network that will dethrone El Zuck:

   Ultimate  - black/white - passwords/keys/finance/backups
   Private   - red         - hidden by default
   Protected - yellow      - default "logged in to computer"
   Public    - green       - shared w/ others (individuals)
   Broadcast - blue        - intentionally wide distribution
...the key insight being that as you go "deeper" you know "less" (if that makes sense). Take the pictures on my phone and the album names (eg: Fall Trip 2025).

If I post my headshot to hire-an-actor.com, that's "Blue/Broadcast". If I share a picture of my kid blowing out birthday candles, that's "Green/Public". From "Green" you might be able to see the LABELS of my "Yellow" stuff and request access to it, but there should be no indication that "Red" or "Black" even exists.

So basically you as a user always operate at "Yellow", and can push "up" to Green (aka: discord), or Blue (aka: tweeter), and can unlock "Red" or "Black" via Password or 2FA/Cert.

I wish there were a way to easily "vivify" this, but at least putting names to it exposes where/how we're currently lacking.

The biggest issue still remains that content is "slippery" ... if it's not 10000% protected and airgapped, there's a chance that it can "escape".

Animats•3mo ago
If Google made Gmail pay attention to that, or Microsoft made Outlook pay attention, then it might mean something. Otherwise, no.