frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Operating Margins

https://fi-le.net/margin/
70•fi-le•4d ago•6 comments

RegreSQL: Regression Testing for PostgreSQL Queries

https://boringsql.com/posts/regresql-testing-queries/
76•radimm•4h ago•18 comments

Nano Banana can be prompt engineered for nuanced AI image generation

https://minimaxir.com/2025/11/nano-banana-prompts/
722•minimaxir•18h ago•181 comments

Show HN: Pegma, the free and open-source version of the classic Peg solitaire

https://pegma.vercel.app
18•GlebShalimov•3h ago•31 comments

What Happened with the CIA and The Paris Review?

https://www.theparisreview.org/blog/2025/11/11/what-really-happened-with-the-cia-and-the-paris-re...
79•benbreen•11h ago•19 comments

Disrupting the first reported AI-orchestrated cyber espionage campaign

https://www.anthropic.com/news/disrupting-AI-espionage
284•koakuma-chan•17h ago•193 comments

Launch HN: Tweeks (YC W25) – Browser extension to deshittify the web

https://www.tweeks.io/onboarding
270•jmadeano•19h ago•164 comments

V8 Garbage Collector

https://wingolog.org/archives/2025/11/13/the-last-couple-years-in-v8s-garbage-collector
31•swah•2h ago•5 comments

How to Get a North Korea / Antarctica VPS

https://blog.lyc8503.net/en/post/asn-5-worldwide-servers/
137•uneven9434•10h ago•55 comments

Hooked on Sonics: Experimenting with Sound in 19th-Century Popular Science

https://publicdomainreview.org/essay/science-of-sound/
22•Hooke•5h ago•0 comments

OpenMANET Wi-Fi HaLow open-source project for Raspberry Pi–based MANET radios

https://openmanet.net/
117•hexmiles•14h ago•30 comments

650GB of Data (Delta Lake on S3). Polars vs. DuckDB vs. Daft vs. Spark

https://dataengineeringcentral.substack.com/p/650gb-of-data-delta-lake-on-s3-polars
199•tanelpoder•14h ago•73 comments

A Common Semiconductor Just Became a Superconductor

https://www.sciencedaily.com/releases/2025/10/251030075105.htm
8•tsenturk•1w ago•2 comments

Blender Lab

https://www.blender.org/news/introducing-blender-lab/
258•radeeyate•22h ago•46 comments

Think in math, write in code (2019)

https://www.jmeiners.com/think-in-math/
171•alabhyajindal•4d ago•67 comments

Why do we need dithering?

https://typefully.com/DanHollick/why-do-we-need-dithering-Ut7oD4k
92•ibobev•1w ago•85 comments

'The Dream Factory' Review: A Building and Its Bard

https://www.wsj.com/arts-culture/books/the-dream-factory-review-a-building-and-its-bard-6d79ce43
15•pepys•4d ago•0 comments

Show HN: An easy-to-use online curve fitting tool

https://byx2000.github.io/curve-fit/
7•byx•1w ago•3 comments

Steam Machine

https://store.steampowered.com/sale/steammachine
2753•davikr•1d ago•1378 comments

Android developer verification: Early access starts

https://android-developers.googleblog.com/2025/11/android-developer-verification-early.html
1320•erohead•1d ago•638 comments

SIMA 2: An agent that plays, reasons, and learns with you in virtual 3D worlds

https://deepmind.google/blog/sima-2-an-agent-that-plays-reasons-and-learns-with-you-in-virtual-3d...
212•meetpateltech•20h ago•93 comments

Blue Origin lands New Glenn rocket booster on second try

https://techcrunch.com/2025/11/13/blue-origin-lands-new-glenn-rocket-booster-on-second-try/
386•perihelions•14h ago•217 comments

Show HN: DBOS Java – Postgres-Backed Durable Workflows

https://github.com/dbos-inc/dbos-transact-java
90•KraftyOne•15h ago•43 comments

SlopStop: Community-driven AI slop detection in Kagi Search

https://blog.kagi.com/slopstop
474•msub2•16h ago•223 comments

The Eggstraordinary Fortress

https://ahmed1011001.github.io/Notes/stories/eggstrodinary.html
77•tippa123•17h ago•30 comments

Kubernetes Ingress Nginx is retiring

https://www.kubernetes.dev/blog/2025/11/12/ingress-nginx-retirement/
175•TheApplicant•13h ago•117 comments

Zed is our office

https://zed.dev/blog/zed-is-our-office
563•sagacity•20h ago•291 comments

Checkout.com hacked, refuses ransom payment, donates to security labs

https://www.checkout.com/blog/protecting-our-merchants-standing-up-to-extortion
586•StrangeSound•1d ago•264 comments

Itiner-E – The Digital Atlas of Ancient Roads

https://itiner-e.org/
45•beatthatflight•1w ago•1 comments

Needy Programs

https://tonsky.me/blog/needy-programs/
44•robenkleene•15h ago•4 comments
Open in hackernews

V8 Garbage Collector

https://wingolog.org/archives/2025/11/13/the-last-couple-years-in-v8s-garbage-collector
31•swah•2h ago

Comments

ZeroConcerns•49m ago
Interesting article! One thing that made me literally LOL was the fact that several exploits were enabled via a Google "style recommendation" that caused on-heap length fields to be signed and thus subject to sign-extension attacks.

The conversation-leading-up-to-that played out a bit like this in my head:

Google Engineer #1: Hey, shouldn't that length field be unsigned? Not like a negative value ever makes sense there?

GE#2: Style guide says no

GE#1: Yeah, but that could easily be exploited, right?

GE#2: Maybe, but at least I won't get dinged on code review: my metrics are already really lagging this quarter

GE#1: Good point! In fact, I'll pre-prepare an emergency patch for that whole thing, as my team lead indicated I've been a bit slow on the turnaround lately...

Leszek•4m ago
The signed length fields pre-date the sandbox, and at that point being able to corrupt the string length meant you already had an OOB write primitive and didn't need to get one via strings. The sandbox is the new weird thing, where now these in-sandbox corruptions can sometimes be promoted into out-of-sandbox corruptions if code on the boundary doesn't handle these sorts of edge cases.
maartin0•47m ago
What does FTE stand for?:

> From what I can tell, there have been about 4 FTE from Google over this period

kannanvijayan•40m ago
Full Time Employee
NeutralForest•14m ago
It's an interesting article because tech articles rarely revisit the past for what kind of decisions were made and why. Thanks! Also always cool to see a Wingo article because I get exposed to a field I know very little about (how garbage collection works).