frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Microsoft forced me to switch to Linux

https://www.himthe.dev/blog/microsoft-to-linux
1093•bobsterlobster•5h ago•893 comments

Airfoil (2024)

https://ciechanow.ski/airfoil/
227•brk•5h ago•38 comments

Oban, the job processing framework from Elixir, has come to Python

https://www.dimamik.com/posts/oban_py/
81•dimamik•3h ago•38 comments

Mousefood – Build embedded terminal UIs for microcontrollers

https://github.com/ratatui/mousefood
43•orhunp_•2h ago•17 comments

Show HN: The HN Arcade

https://andrewgy8.github.io/hnarcade/
252•yuppiepuppie•8h ago•65 comments

Computer History Museum Launches Digital Portal to Its Collection

https://computerhistory.org/press-releases/computer-history-museum-launches-digital-portal-to-its...
18•ChrisArchitect•1h ago•1 comments

I Overengineered a Spinning Top

https://www.youtube.com/watch?v=Wp5NodfvvF4
71•bane•5d ago•19 comments

3D-Printed Mathematical Lampshades

https://hessammehr.github.io/blog/posts/2025-12-24-maths-to-lampshade.html
23•hessammehr•4d ago•4 comments

I have written gemma3 inference in pure C

https://github.com/robitec97/gemma3.c
7•robitec97•2d ago•2 comments

Show HN: I built a small browser engine from scratch in C++

https://github.com/beginner-jhj/mini_browser
84•crediblejhj•5h ago•24 comments

LM Studio 0.4.0

https://lmstudio.ai/blog/0.4.0
36•jiqiren•1h ago•9 comments

Immanuel 'the Königsberg clock' Kant (2015)

https://www.versobooks.com/en-gb/blogs/news/1963-immanuel-kant-the-errrr-walker
22•rishabhd•3d ago•2 comments

When Every Network is 192.168.1.x

https://netrinos.com/blog/conflicting-subnets
29•pcarroll•5h ago•22 comments

Show HN: Dwm.tmux – a dwm-inspired window manager for tmux

https://github.com/saysjonathan/dwm.tmux
72•saysjonathan•4d ago•10 comments

There's only one Woz, but we can all learn from him

https://www.fastcompany.com/91477114/steve-wozniak-woz-apple-the-tech-interactive-humanitarian-award
278•coloneltcb•5d ago•132 comments

Spinning around: Please don't – Common problems with spin locks

https://www.siliceum.com/en/blog/post/spinning-around/
18•bdash•2h ago•2 comments

A verification layer for browser agents: Amazon case study

https://sentienceapi.com/blog/verification-layer-amazon-case-study
41•tonyww•17h ago•18 comments

Rust at Scale: An Added Layer of Security for WhatsApp

https://engineering.fb.com/2026/01/27/security/rust-at-scale-security-whatsapp/
213•ubj•13h ago•96 comments

Show HN: SHDL – A minimal hardware description language built from logic gates

https://github.com/rafa-rrayes/SHDL
4•rafa_rrayes•7h ago•0 comments

A few random notes from Claude coding quite a bit last few weeks

https://twitter.com/karpathy/status/2015883857489522876
851•bigwheels•1d ago•757 comments

Kyber (YC W23) Is Hiring a Staff Engineer

https://www.ycombinator.com/companies/kyber/jobs/GPJkv5v-staff-engineer-tech-lead
1•asontha•7h ago

Prism

https://openai.com/index/introducing-prism
741•meetpateltech•1d ago•499 comments

Show HN: Cua-Bench – a benchmark for AI agents in GUI environments

https://github.com/trycua/cua
24•someguy101010•2d ago•3 comments

Android's full desktop interface leaks: New status bar, Chrome Extensions

https://9to5google.com/2026/01/27/android-desktop-leak/
51•thunderbong•16h ago•51 comments

SVG Path Editor

https://yqnn.github.io/svg-path-editor/
213•gurjeet•5d ago•33 comments

That's Not How Email Works, HSBC

https://danq.me/2026/01/28/hsbc-dont-understand-email/
99•HotGarbage•1h ago•48 comments

Virtual Boy on TV with Intelligent Systems Video Boy

https://hcs64.com/video-boy-vue/
85•hcs•11h ago•28 comments

Make.ts

https://matklad.github.io/2026/01/27/make-ts.html
193•ingve•12h ago•101 comments

Show HN: Build Web Automations via Demonstration

https://www.notte.cc/launch-week-i/demonstrate-mode
22•ogandreakiro•1d ago•9 comments

430k-year-old well-preserved wooden tools are the oldest ever found

https://www.nytimes.com/2026/01/26/science/archaeology-neanderthals-tools.html
476•bookofjoe•1d ago•249 comments
Open in hackernews

Show HN: I Built a Sandbox for Agents

https://github.com/vrn21/bouvet.com
28•vrn21•2h ago

Comments

bosky101•2h ago
The right link is https://github.com/vrn21/bouvet
nadis•1h ago
Thank you.
ripped_britches•1h ago
Why is it a problem to use containers?
_pdp_•1h ago
We use a service but it is always nice to have a free option if you need it. Good stuff.
canadiantim•1h ago
This relies on the agent requesting a sandbox... which seems like the fox guarding the hen house, no?
monomial•1h ago
Is this a common pattern to have an agent request a sandbox? I feel like I'd want the whole agent running in it's own sandbox to begin with. Firecracker does look like a decent solution for that.
mccraveiro•1h ago
I agree. I'm testing https://sprites.dev/ because of that.
sahiljagtapyc•1h ago
interesting
debarshri•1h ago
Can someone elaborate with whats wrong with having containers for sandbox?
binsquare•1h ago
It's because containers share the kernel with the host. Generally it's just not considered a security boundary. (Note that containers have come a longer way in the security side btw)

So it's a mostly security thing.

debarshri•1h ago
But in the context of agents. Does it matter?
tptacek•1h ago
Depends. Probably not usually. I've thought about this a bunch and I think the serious "threat" here isn't the agent acting maliciously --- though agents will break out of non-hardened sandboxes! --- but rather them exposing some vulnerability that an actual human attacker exploits.
buu700•1h ago
I'd also add that I just don't like the idea in principle that I should have to trust the agent not to act maliciously. If an agent can run rm -rf / in an extreme edge case, theoretically it could also execute a container escape.

Maybe vanishingly unlikely in practice, but it costs me almost nothing to use a VM just in case. It's not impossible that certain models turn out to be poorly behaved, that attackers successfully execute indirect prompt injection via malicious tutorials targeting coding agents, or that some shadowy figure runs a plausibly deniable attack against me through an LLM API.

debarshri•30m ago
This is a genuine concern. But this sounds a bit independent of the execution environment. It could either be containers or VMs.
tptacek•18m ago
On a local machine, yeah, I think it's pretty situational. VMs are safer, but in risk management terms the win is sometimes not that significant.

In a multitenant cloud environment, of course, totally different story.

aghilmort•1h ago
security matters if want to demarc where agents can play. running agent inside of strong VM is usually where starts container not enough for that full isolation only sees files you want it to etc
binsquare•1h ago
Imo it's even more important in context of agents, if these agents are as good as it's going to get with as much access as we let them.
starlust2•1h ago
One could theoretically use a prompt injection attack to exploit a privilege escalation vulnerability on the kernel.
ATechGuy•1h ago
What about VMs? They offer strong isolation, as they don't share kernels, and have long been a foundational piece for multi-tenant computing. Then, why would we put an extra layer on top and rebrand it as an AI agent sandboxing solution? I'm genuinely curious what pushes everyone to build their own and launch here Is it one of those tarpit ideas: driven by own need and easy to build?
Ronsenshi•1h ago
From what I read others say at some point on HN:

- resources

- security

- setup speed?

I suppose a lot depends on how and in what environment you're dealing with agents.

Resources might be an issue on Mac if you have bunch of agents running different things, trying to execute code in different containers. But that's the issue of Mac and the way containers are running in a VM there.

Security-wise there were concerns with prompt injection telling agent to execute certain steps to escape from container. Possible, but I'm not aware if there were actually cases of that.

tomasphan•1h ago
Seems these thing pop up here ever so often. Either using firecracker or docker/containers. How is this different from the other sandboxes? BTW I love that you got LLM testimonials lol
binsquare•1h ago
I'm building an alternative to firecracker here if you're looking for something wayy different: https://github.com/smol-machines/smolvm
aghilmort•1h ago
we've considered docker, firecracker, will add smol to working roster

context <> building something with QEMU

* required has to support LMW+AI (linux/mac/windows + android/ios)

there are scenarios in which we might spin micro vms inside that main vm, which by default is almost always Debian Linux distro with high probability.

one scenario is say ETL vm and AI vm isolated for various things

curious why building another microVM other than sheer joy of building, what smol does better or different, why use smol, etc. (microVMs to avoid etc also fair game :)

jkelleyrtp•1h ago
I needed Mac / win/ Linux / iOS / android for dioxus dev, so I built my own in rust.

https://skyvm.dev/

binsquare•1h ago
I focus on different design decisions.

Smolvm is designed to run locally, persistent (stateful), long running (efficiency), and interactive.

Worked with firecracker and other options a lot btw, most of everything is designed for ephemeral serverless workloads.

binsquare•1h ago
Cool option, I'm building in the same space. We should chat!
avaer•1h ago
Given that this is using Firecracker, is it Linux only?
coip•1h ago
Anyone have any thoughts on this path if using macOS? Been using it, seems to do the trick pretty well out of the box.

https://developer.apple.com/documentation/Virtualization/run...

aghilmort•1h ago
interesting is the idea the agent calls it or just alt to terminal bash etc tool calls hey your tool calls are all microvms, containers, isoshells, raw term, clawd/molt all credentials with weaker and weaker security demarcs?
FEELmyAGI•1h ago
Great idea that is already implemented as a feature by major AI providers, several well funded startups, countless unfunded startups, and trivially solved per-user with any handful of existing technologies.

Truly baffling its in the top 5 of the front page. My first thought was bot army upvoting but the total points are quite low. That means this is some mod's personal idea of an especially interesting submission?

arscan•1h ago
Having testimonials attributed to Gemini 3 Pro and Claude 4.5 Opus is... interesting. I'm curious what prompt was used to get those quotes.
ATechGuy•1h ago
Congrats on launching, and great testimonials!

What problem does it solve compared to bazillion code execution sandboxing agents (and containers/VMs)?

Overall, a lot of people are building their own code execution sandboxing agents around containers/VMs. Curious to know what's missing that makes people DIY this?

Here's my list of code execution sandboxing agents launched in the last year alone:

1. E2B 2. AIO Sandbox 3. Sandboxer 4. AgentSphere 5. Yolobox 6. Exe.dev 7. yolo-cage 8. SkillFS ERA Jazzberry Computer Vibekit Daytona Modal Cognitora YepCode Run Compute CLI Fence Landrun Sprites pctx-sandbox pctx Sandbox Agent SDK Lima-devbox OpenServ Browser Agent Playground Flintlock Agent Quickstart Bouvet Sandbox Arrakis Cellmate (ceLLMate) AgentFence Tasker

nadis•1h ago
Getting a 404 page not found for this project - how can I try it?