frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

We Mourn Our Craft

https://nolanlawson.com/2026/02/07/we-mourn-our-craft/
76•ColinWright•1h ago•42 comments

Speed up responses with fast mode

https://code.claude.com/docs/en/fast-mode
21•surprisetalk•1h ago•19 comments

Hoot: Scheme on WebAssembly

https://www.spritely.institute/hoot/
121•AlexeyBrin•7h ago•24 comments

U.S. Jobs Disappear at Fastest January Pace Since Great Recession

https://www.forbes.com/sites/mikestunson/2026/02/05/us-jobs-disappear-at-fastest-january-pace-sin...
104•alephnerd•2h ago•56 comments

Stories from 25 Years of Software Development

https://susam.net/twenty-five-years-of-computing.html
58•vinhnx•4h ago•7 comments

OpenCiv3: Open-source, cross-platform reimagining of Civilization III

https://openciv3.org/
824•klaussilveira•21h ago•248 comments

Al Lowe on model trains, funny deaths and working with Disney

https://spillhistorie.no/2026/02/06/interview-with-sierra-veteran-al-lowe/
54•thelok•3h ago•6 comments

The AI boom is causing shortages everywhere else

https://www.washingtonpost.com/technology/2026/02/07/ai-spending-economy-shortages/
105•1vuio0pswjnm7•8h ago•122 comments

The Waymo World Model

https://waymo.com/blog/2026/02/the-waymo-world-model-a-new-frontier-for-autonomous-driving-simula...
1058•xnx•1d ago•608 comments

Reinforcement Learning from Human Feedback

https://rlhfbook.com/
76•onurkanbkrc•6h ago•5 comments

Start all of your commands with a comma (2009)

https://rhodesmill.org/brandon/2009/commands-with-comma/
478•theblazehen•2d ago•175 comments

Vocal Guide – belt sing without killing yourself

https://jesperordrup.github.io/vocal-guide/
205•jesperordrup•11h ago•69 comments

France's homegrown open source online office suite

https://github.com/suitenumerique
547•nar001•5h ago•253 comments

Coding agents have replaced every framework I used

https://blog.alaindichiappari.dev/p/software-engineering-is-back
216•alainrk•6h ago•335 comments

Selection Rather Than Prediction

https://voratiq.com/blog/selection-rather-than-prediction/
8•languid-photic•3d ago•1 comments

A Fresh Look at IBM 3270 Information Display System

https://www.rs-online.com/designspark/a-fresh-look-at-ibm-3270-information-display-system
35•rbanffy•4d ago•7 comments

72M Points of Interest

https://tech.marksblogg.com/overture-places-pois.html
28•marklit•5d ago•2 comments

Show HN: I saw this cool navigation reveal, so I made a simple HTML+CSS version

https://github.com/Momciloo/fun-with-clip-path
3•momciloo•1h ago•0 comments

I Write Games in C (yes, C)

https://jonathanwhiting.com/writing/blog/games_in_c/
4•valyala•1h ago•1 comments

Unseen Footage of Atari Battlezone Arcade Cabinet Production

https://arcadeblogger.com/2026/02/02/unseen-footage-of-atari-battlezone-cabinet-production/
113•videotopia•4d ago•30 comments

SectorC: A C Compiler in 512 bytes

https://xorvoid.com/sectorc.html
4•valyala•1h ago•0 comments

Where did all the starships go?

https://www.datawrapper.de/blog/science-fiction-decline
73•speckx•4d ago•74 comments

Software factories and the agentic moment

https://factory.strongdm.ai/
68•mellosouls•4h ago•73 comments

Show HN: Look Ma, No Linux: Shell, App Installer, Vi, Cc on ESP32-S3 / BreezyBox

https://github.com/valdanylchuk/breezydemo
273•isitcontent•22h ago•38 comments

Learning from context is harder than we thought

https://hy.tencent.com/research/100025?langVersion=en
199•limoce•4d ago•111 comments

Monty: A minimal, secure Python interpreter written in Rust for use by AI

https://github.com/pydantic/monty
285•dmpetrov•22h ago•153 comments

Making geo joins faster with H3 indexes

https://floedb.ai/blog/how-we-made-geo-joins-400-faster-with-h3-indexes
155•matheusalmeida•2d ago•48 comments

Show HN: Kappal – CLI to Run Docker Compose YML on Kubernetes for Local Dev

https://github.com/sandys/kappal
21•sandGorgon•2d ago•11 comments

Hackers (1995) Animated Experience

https://hackers-1995.vercel.app/
555•todsacerdoti•1d ago•268 comments

Ga68, a GNU Algol 68 Compiler

https://fosdem.org/2026/schedule/event/PEXRTN-ga68-intro/
43•matt_d•4d ago•18 comments
Open in hackernews

FreeBSD Home NAS, part 3: WireGuard VPN, routing, and Linux peers

https://rtfm.co.ua/en/freebsd-home-nas-part-3-wireguard-vpn-linux-peer-and-routing/
172•todsacerdoti•1mo ago

Comments

age123456gpg•1mo ago
You can get yourself a vanity key using https://github.com/AlexanderYastrebov/wireguard-vanity-key tool:

   % wireguard-vanity-key -prefix=NAS/
   private                                      public                                       attempts   duration   attempts/s
   EiBsDB8zt/G4+VWGvxW2ZznNXYmcslcIyJimNR2PpF4= NAS/aex8+IFzLePBYVNGMsSo/1/XeUZcam+Hn8wbNB4= 22619537   0s         112587360
hnarn•1mo ago
While it's cool, something about vanity keys in general stroke me the wrong way. I feel like in principle you should never use a very short part of a public key for ocular identification, and it attempts to solve something that should be solved outside of wireguard, i.e. the "friendly naming" of public keys.
rpcope1•1mo ago
Wireguard is cool, but there's some reasons it's worth considering OpenVPN (why I still use OpenVPN anyways). First, OpenVPN has kernel mode now (called DCO, which I think Netgate maybe has upstreamed to FreeBSD); I've found it's performance on hardware with AES-NI on Linux is actually often better than wireguard. Second, there's a lot of quality of life things that just work on OpenVPN that you've got to use a ton of duct tape to make work with Wireguard, a major one being handling DNS record change (think especially dynamic DNS, which is likely if this is IPv4 and a residential connection). This is a huge pain with Wireguard, but just works on OpenVPN. Similarly if you have multiple WAN links, like I do, for OpenVPN it's just two connection stanzas and it largely just works. Again for Wireguard you're adding lots of duct tape to make it work right. I know Wireguard is the new hot thing, but it leaves a lot to be desired in the resiliency and features department.
ZeWaren•1mo ago
I use wireguard as my main VPN to connect to my homelab from my phone and my laptops.

I also have an OpenVPN as a backup option, running behind sslh. My same port on my router (443) serves both a webserver hosting photos, and that OpenVPN instance. This allows me to VPN into my home in most firewalled office networks.

bayindirh•1mo ago
Why not using tailscale/headscale, which removes the requirement to expose home network to internet at all?
lurking_swe•1mo ago
i’m assuming because of the “web server hosting photos”. Probably Immich if i had to guess?

tailscale is fine if you’re somewhat tech savvy, but it’s annoying to show all your friends and family how to “correctly” access your web server. Too much friction. First download the tailscale app, sign in, blah blah. Then you also are unnecessarily bogging down everyone’s smartphone with a wire guard VPN profile which is…undesirable.

I like tailscale and use it for some stuff. But for web servers that i want my whole family (and some friends) to easily access, a traditional setup makes much more sense. The tradeoff is (obviously) a higher security burden. I protect the web apps in my homelab with SSO (OIDC), among other things.

bayindirh•1mo ago
I prefer to gatekeep "entry points" with Tailscale. A server can have HTTP/S exposed to the world, but its SSH can stay behind Tailscale to enable defense in depth.

Keeping Tailscale as the only security layer will be foolish of course, but keeping the entry points hidden from general internet is a useful additional layer, if you ask me.

As a matter of principle, I like keep the number of open ports to a minimum. Let it be SSH or VPN, it doesn't matter. I have been burned enough times.

waynesonfire•1mo ago
I've applied the same principal to my network. Though, I do have plans to re-open some additional ports beyond just SSH / VPN.

Thinking through how I would achieve this introduced me to the concept of a DMZ-zone. The DMZ places publicly accessible services in a highly locked down environment.

bayindirh•1mo ago
DMZ is a very old concept, and applying it is easy when everything is in a single room, connected to a single network, and everything can be isolated there.

When the network is distributed on multiple sites, things get exponentially harder if you don't own a dark fiber from site to site and have essentially a single network.

I personally manage enough servers to scratch that itch, so I yearn for simplicity. If Tailscale gives me that isolation for free (which it does), I'd rather use that for my toy network rather than an elaborate multi-site DMZ setup.

paranoidrobot•1mo ago
One of the major advantages for Wireguard over OpenVPN (for me) is that it's quite difficult for random port scans to detect it.

With OpenVPN it's hanging out there responding to everyone that asks nicely that yes, it's OpenVPN.

So anyone with a new exploit for OpenVPN just has to pull up Shodan and now they've got a nice list of targets that likely have access to more private networks.

Wireguard doesn't respond at all unless you've got the right keys.

Also, fwiw - we're approaching 11 years since it was announced, and 5 years since it was accepted into the Linux/BSD kernels.

rsyring•1mo ago
> With OpenVPN it's hanging out there responding to everyone that asks nicely that yes, it's OpenVPN.

I believe asing UDP mode and a ta.key go a long way towards making OpenVPN invisible to port scans. Double check docs for details.

justsomehnguy•1mo ago
Wireguard is cool transport protocol.

OpenVPN is a proper VPN protocol with a serious performance troubles if you misstep even once.

Wireguard fanboys just never use it more than on a couple of devices where they could manually tinker everything what is needed, they never provided a VPN solutions for even dozens of users.