frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Start all of your commands with a comma (2009)

https://rhodesmill.org/brandon/2009/commands-with-comma/
306•theblazehen•2d ago•102 comments

Software Engineering Is Back

https://blog.alaindichiappari.dev/p/software-engineering-is-back
36•alainrk•1h ago•29 comments

Hoot: Scheme on WebAssembly

https://www.spritely.institute/hoot/
40•AlexeyBrin•2h ago•6 comments

France's homegrown open source online office suite

https://github.com/suitenumerique
18•nar001•50m ago•8 comments

Reinforcement Learning from Human Feedback

https://arxiv.org/abs/2504.12501
19•onurkanbkrc•1h ago•1 comments

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

https://openciv3.org/
719•klaussilveira•16h ago•221 comments

Vocal Guide – belt sing without killing yourself

https://jesperordrup.github.io/vocal-guide/
105•jesperordrup•6h ago•38 comments

The Waymo World Model

https://waymo.com/blog/2026/02/the-waymo-world-model-a-new-frontier-for-autonomous-driving-simula...
983•xnx•22h ago•562 comments

Ga68, a GNU Algol 68 Compiler

https://fosdem.org/2026/schedule/event/PEXRTN-ga68-intro/
21•matt_d•3d ago•4 comments

Unseen Footage of Atari Battlezone Arcade Cabinet Production

https://arcadeblogger.com/2026/02/02/unseen-footage-of-atari-battlezone-cabinet-production/
78•videotopia•4d ago•12 comments

Making geo joins faster with H3 indexes

https://floedb.ai/blog/how-we-made-geo-joins-400-faster-with-h3-indexes
141•matheusalmeida•2d ago•37 comments

Cross-Region MSK Replication: K2K vs. MirrorMaker2

https://medium.com/lensesio/cross-region-msk-replication-a-comprehensive-performance-comparison-o...
5•andmarios•4d ago•1 comments

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

https://github.com/valdanylchuk/breezydemo
242•isitcontent•16h ago•27 comments

Monty: A minimal, secure Python interpreter written in Rust for use by AI

https://github.com/pydantic/monty
245•dmpetrov•17h ago•128 comments

Show HN: I spent 4 years building a UI design tool with only the features I use

https://vecti.com
346•vecti•18h ago•153 comments

Hackers (1995) Animated Experience

https://hackers-1995.vercel.app/
511•todsacerdoti•1d ago•248 comments

Sheldon Brown's Bicycle Technical Info

https://www.sheldonbrown.com/
395•ostacke•22h ago•102 comments

What Is Ruliology?

https://writings.stephenwolfram.com/2026/01/what-is-ruliology/
47•helloplanets•4d ago•48 comments

Show HN: If you lose your memory, how to regain access to your computer?

https://eljojo.github.io/rememory/
310•eljojo•19h ago•192 comments

Microsoft open-sources LiteBox, a security-focused library OS

https://github.com/microsoft/litebox
363•aktau•23h ago•189 comments

An Update on Heroku

https://www.heroku.com/blog/an-update-on-heroku/
441•lstoll•23h ago•289 comments

PC Floppy Copy Protection: Vault Prolok

https://martypc.blogspot.com/2024/09/pc-floppy-copy-protection-vault-prolok.html
77•kmm•5d ago•11 comments

Dark Alley Mathematics

https://blog.szczepan.org/blog/three-points/
98•quibono•4d ago•22 comments

Was Benoit Mandelbrot a hedgehog or a fox?

https://arxiv.org/abs/2602.01122
26•bikenaga•3d ago•14 comments

Female Asian Elephant Calf Born at the Smithsonian National Zoo

https://www.si.edu/newsdesk/releases/female-asian-elephant-calf-born-smithsonians-national-zoo-an...
47•gmays•11h ago•19 comments

How to effectively write quality code with AI

https://heidenstedt.org/posts/2026/how-to-effectively-write-quality-code-with-ai/
281•i5heu•19h ago•229 comments

I now assume that all ads on Apple news are scams

https://kirkville.com/i-now-assume-that-all-ads-on-apple-news-are-scams/
1092•cdrnsf•1d ago•472 comments

I spent 5 years in DevOps – Solutions engineering gave me what I was missing

https://infisical.com/blog/devops-to-solutions-engineering
160•vmatsiiako•21h ago•73 comments

Understanding Neural Network, Visually

https://visualrambling.space/neural-network/
312•surprisetalk•3d ago•45 comments

Delimited Continuations vs. Lwt for Threads

https://mirageos.org/blog/delimcc-vs-lwt
36•romes•4d ago•3 comments
Open in hackernews

Beyond the Nat: Cgnat, Bandwidth, and Practical Tunneling

https://blog.rastrian.dev/post/beyond-the-nat-cgnat-bandwidth-and-practical-tunneling
40•rastrian•1mo ago

Comments

teeray•1mo ago
> Home internet in the 90s felt simple. You plugged into Ethernet, got an IPv4 address, and you could expose a service directly.

Maybe the 2000s, yes. This experience in the 90s was reserved for businesses and schools that could afford a T-carrier connection. The rest of us had dialup.

kstrauser•1mo ago
I had dialup with a static IP and inbound access to listening ports.
reincarnate0x14•1mo ago
Even on dialup it was common to get a public IPv4 address, depending on what service. The service I had in like 95-98 didn't promise static IPs but I effectively got the same address for weeks at a time, I'm assuming due to whatever logic was mapping accounts to addresses. They also gave you access to a FreeBSD shell if you wanted to read email via elm or pine or the like, one of the first places I saw SSH!
kmbfjr•1mo ago
New fiber provider across town does CGNAT and no IPv6.

I guess that works for most people except gamers and people who get rate limited because of the actions of others.

Article is correct, IPv4 didn’t die hard.

reincarnate0x14•1mo ago
It's bizarre to me that there is still so much effort spent on resisting IPv6 implementations, we were converting some industrial control networks to it almost 10 years ago and those organizations are basically defined by ancient equipment. Rather than byzantine v4 NAT coordination we mapped entire plants and substations to V6 addresses and put in 6to4 for the PLCs that were old enough to vote, so that multiple sites that all used the same 10.x.y.z blocks because of course they did could be routed together. Had V6 available from my house to pretty much anywhere I cared about in 2017.
esseph•1mo ago
As a business, especially a small business, there is no financial reason to do so in the United States for the vast majority of businesses. This gets talked about on NANOG all the time.

It doubles the workload and knowledge required, doubles the security attack surface, and because of the 2nd part, doubles the security risk.

Right or wrong that's the calculation for most spots.

immibis•1mo ago
You're banned from being a federal contractor if you don't. Isn't that pretty important since that's where all the money is?
esseph•1mo ago
All the money is in federal contracting?

Did it for a decade, and that's news to me.

reincarnate0x14•1mo ago
re: the attack surface, I will say that I see such a tiny fraction of probe attempts and common exploit scripts hitting V6 spaces that I open some services on V6 only.

At my house I've had SSH open to the V6 internet for 8 years and have the logger set up to email me for any connections, and I have never once seen an attempt that wasn't me. For popular sites with well known DNS names that's obviously different, but I keep DNS current and can SSH by name to that V6 listener from anywhere so it's not my ISP trying to save me from myself either. And that's not even a host with the normal automatic temporary addresses, it's been a fixed interface id portion with an effectively static V6 prefix for years.

For a while I had several other services open as well, at one point we even played around with using NFS and iSCSI over IPv6 on the internet just for giggles, no actual important data. I can imagine some sysadmin's face twisting in horror just reading that knowing the carnage that would have ensued doing that with V4, where we commonly drop entire geo-blocks just to curtail the log spam of all the various automatic admin portal and VPN login scans.

There are of course techniques to gather live V6 addresses but between the vast space and temporary addresses on most end-user devices it really has been a night and day difference.

esseph•1mo ago
It's more likely when you have public DNS pointing to ipv6 enabled hosts, not so likely with a random scan because of the sheer number.
irusensei•1mo ago
It's the same bullshit everywhere it seems. There goes the CGNAT with their router where the "advanced" options are basically defining DHCP settings - through a shitty phone app. There is also the stupid TV that no one asked for but it's part of the package.

And when they do give you v6 its a /64.

I wish there might be a category of prosumer friendly ISP of sorts. Those exist but they are hard to find.

idatum•1mo ago
If you are already running a VPS, the SSH -J option is useful if you don't want to expose your SSH to your home public address.

You create an SSH reverse tunnel (-R option) from a server in your home network to your remote VPS. This gives you a localhost port on your VPS to your server SSH port. Something like:

    ssh -NT -R 2222:localhost:22 vpsuser@yourvps.com
From your laptop, use your your VPS address and localhost port in the -J option. Something like:

    ssh -J vpsuser@yourvps.com:2222 homeuser@yourhome.com
I only allow ssh key auth and only my laptop is trusted by my home server. The home server doesn't need to trust the VPS "jump server".
yuvadam•1mo ago
Call me a tailscale simp, but since it was launched I honestly stopped caring about any of such issues.

They've built such an incredible product I actually feel guilty I pay absolutely nothing for it.

beautyReloaded•1mo ago
public ip abundance of the internet should not depend on mappings in the tailscale servers owned by tailscale or self hosted by other people
apitman•1mo ago
This looks like an excellent overview of the current state of things, and some nice practical instructions on getting end to end connectivity working.

Personally I don't think IPv6 will ever supplant IPv4. As far as big tech is concerned, NAT solves the problem well enough for clients and SNI routing solves it well enough for servers.

What incentive do they have to make things better for small orgs and p2p use cases? Better from their perspective to retain control over IPv4 real estate and extract rent.

immibis•1mo ago
For one, most major governments have told them to do it or else. I'm not sure which year it will be but there's already a mandate that US federal client systems can't have IPv4, and contractors must support IPv6, and a later deadline is for servers and websites to not have IPv4, at which point if your ISP doesn't provide access to federal government websites then all your customers can sue you into oblivion for failure to provide contracted services, including damages for any missed federal government interactions, which your liability waiver will not limit since your lack of IPv6 support by that time is intentional gross negligence. Google and Apple both require apps to work on IPv6-only networks or they get removed from app stores, and the majority of mobile networks are IPv6-native (with a slow translation layer for IPv4). Over 50% of internet traffic is IPv6 right now.

I'm not sure why you guys keep saying IPv6 won't happen, when it's already happened. Just ostriching, or incentivized to keep IPv4 address prices high, or what gives?

unethical_ban•1mo ago
Accusation of malice is a little far, I think the ipv6 transition isn't obvious to people because it has mostly been on mobile networks and the big datacenters. There are a lot of large organizations yet to implement it internally.
apitman•1mo ago
I wish I had an IPv4 block to hoard.

Far more important than current adoption is rate of adoption, which is slowing.

US mandates will certainly help and may be enough, but the US can't force other countries to follow. Many countries have far lower adoption rates.

immibis•1mo ago
Major internet centers are US (V6 mandate), Europe (V6 mandate, I think - and if not already, they will), China (V6 mandate) and to a lesser extent the west Pacific rim (Japan, Korea, Singapore, Australia). Other countries will do whatever they have to do to remain connected to these, unless they want to make their own isolated BR(not I)(not C)S internet with blackjack and hookers.
apitman•1mo ago
I hope you're right
immibis•1mo ago
What else do you foresee? A country like Chile just decides it doesn't want to be in the global internet and more, and separates? No, I think that's completely unrealistic.

If it can't upgrade in time, it might remain connected using some kind of translator or proxy. Even if not official, someone would surely run one - it's too useful and we're not talking about a censorship scenario where it would be illegal. Experience shows this is very annoying and will quickly be upgraded to native level. Note that tunneling is native.

Most end-user ISPs today use some kind of tunneling to separate the architecture of their network from the architecture of the services they deliver to customers. If you use DSL, your connection is (usually) a PPPoAoE tunnel with one endpoint at your house and another endpoint at one of your ISP's POPs - the entire access network feels transparent to you. If you use a cellular network, it does something similar with GTP.

And considering that fact, it's not as hard to upgrade a network to IPv6 as you might think. Some core routers and edge routers must be upgraded, but the majority of the network is tunneled over. Perhaps during a transitionary period, your CPE (home router) will encapsulate your IPv6 packets in IPv4. This doesn't require a new router because most of them do routing in software and can just get a firmware update.