frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

The browser catches homograph attacks, the terminal doesn't

https://github.com/sheeki03/tirith
44•MrBuddyCasino•2d ago

Comments

techbrovanguard•2d ago
Handy! I feel like this should be built into the terminal emulator though?
derintegrative•9h ago
This looks to be a very specific tool to check URLs on the command line. Terminal emulators don't care about that. Even shells running in those terminal emulators don't care about those specifics because why would they. One could easily want to do something with a funny url like that that doesn't involve content fetching etc.
account42•1d ago
> curl -sSL https://install.example-cli.dev | bash # safe

This is not and has never been safe.

digitalsushi•1d ago
It's about as safe as trusting all the add-ons in your IDE, and all the packages your node app pulls from random package repos.

It's just the plausible blame that shifts.

If you read the script before you pipe it into your shell, it's safe.

And if that's not safe, then it's just as dangerous to trust that an unopened bottle of ketchup is safe.

Nothing is safe. Everything is a judgement. Being culpable is a professional service. Lucky people out-earn unlucky people. The world is a scary place.

xg15•1d ago
This is why we have linux distributions with maintainers who can take at least a basic look at the software, vet dependencies and run it through a test suite. And they only have to do that once for each new version and not again and again for each download.
politelemon•1h ago
No, not really. This reads like ornate hand waving to distract from different threat models and situations.

A lot of safety is down to accountability. A distribution through an attributable marketplace or being verifiably signed.

Safety isn't a performative action, so reading a script may still confuse you or you may miss subtleties. But opting for a safer install mechanism makes a huge difference, which is we always ought to prefer apt, dnf, over the likes of curlbash, brew, npm.

tetris11•1d ago
it really irks me that this is the default way to install micromamba

https://mamba.readthedocs.io/en/latest/installation/micromam...

digitalsushi•1d ago
This is an incredible tool.

As a child in the 1980s we'd go for long walks in the woods. One time a friend brought a pair of 30 inch bolt cutters with him, you know, as a personality extension. And of course, there was some dubious reason to use them, and he was a hero for being over-provisioned.

A solution like this is those bolt cutters - I can admire it, but the odds I'm out on a walk with it, is very, very low.

Now if you work in a bolt factory, sure, this can run on every laptop, every user account, every environment.

But I'd hope my edge firewalls are L7 scanning for cyrillic 'i' in my domains cause otherwise I'm just gonna connect and get myself hacked.

userbinator•1h ago
My terminal is set to CP437 and uses a font incapable of rendering anything else.

Then again, I don't blindly pipe directly from the network into the shell either.

adzm•9m ago
The word tirith means guard (or watch) in Sindarin, one of Tolkien's languages from Lord of the Rings. See also Minas Tirith! I really enjoy this utility's name.

Claude Opus 4.6

https://www.anthropic.com/news/claude-opus-4-6
1836•HellsMaddy•13h ago•765 comments

Things Unix can do atomically (2010)

https://rcrowley.org/2010/01/06/things-unix-can-do-atomically.html
35•onurkanbkrc•1h ago•8 comments

GPT-5.3-Codex

https://openai.com/index/introducing-gpt-5-3-codex/
1228•meetpateltech•13h ago•469 comments

Systems Thinking

http://theprogrammersparadox.blogspot.com/2026/02/systems-thinking.html
38•r4um•1h ago•13 comments

My AI Adoption Journey

https://mitchellh.com/writing/my-ai-adoption-journey
507•anurag•12h ago•156 comments

Show HN: Artifact Keeper – Open-Source Artifactory/Nexus Alternative in Rust

https://github.com/artifact-keeper
18•bsgeraci•2h ago•3 comments

We tasked Opus 4.6 using agent teams to build a C Compiler

https://www.anthropic.com/engineering/building-c-compiler
492•modeless•12h ago•456 comments

Recreating Epstein PDFs from raw encoded attachments

https://neosmart.net/blog/recreating-epstein-pdfs-from-raw-encoded-attachments/
307•ComputerGuru•1d ago•96 comments

Unlocking high-performance PostgreSQL with key memory optimizations

https://stormatics.tech/blogs/unlocking-high-performance-postgresql-key-memory-optimizations
28•camille_134•4d ago•1 comments

I reversed Tower of Fantasy's anti-cheat driver: a BYOVD toolkit never loaded

https://vespalec.com/blog/tower-of-flaws/
41•svespalec•3h ago•14 comments

Animated Knots

https://www.animatedknots.com/
148•ostacke•3d ago•18 comments

Waiting for Postgres 19: Better planner hints with path generation strategies [video]

https://www.youtube.com/watch?v=QLb3nhIy2Lc
18•sbuttgereit•3h ago•1 comments

GitHub Actions is slowly killing engineering teams

https://www.iankduncan.com/engineering/2026-02-05-github-actions-killing-your-team/
165•codesuki•4h ago•69 comments

Review of 1984 by Isaac Asimov (1980)

https://www.newworker.org/ncptrory/1984.htm
131•doruk101•9h ago•62 comments

How to carry more than your own bodyweight (2025)

https://www.bbc.com/future/article/20250124-how-to-carry-more-than-your-own-bodyweight
8•1659447091•3d ago•3 comments

MenuetOS – a GUI OS that boots from a single floppy disk

https://www.menuetos.net/
135•pjerem•3d ago•27 comments

The RCE that AMD won't fix

https://mrbruh.com/amd/
144•MrBruh•7h ago•62 comments

Claude Opus 4.6 extra usage promo

https://support.claude.com/en/articles/13613973-claude-opus-4-6-extra-usage-promo
149•rob•10h ago•44 comments

LinkedIn checks for 2953 browser extensions

https://github.com/mdp/linkedin-extension-fingerprinting
367•mdp•11h ago•178 comments

Hypernetworks: Neural Networks for Hierarchical Data

https://blog.sturdystatistics.com/posts/hnet_part_I/
59•mkmccjr•14h ago•4 comments

The time I didn't meet Jeffrey Epstein

https://scottaaronson.blog/?p=9534
129•pfdietz•11h ago•119 comments

Orchestrate teams of Claude Code sessions

https://code.claude.com/docs/en/agent-teams
339•davidbarker•13h ago•191 comments

Generative Pen-Trained Transformer

https://theodore.net/projects/Polargraph/
6•Twarner•2h ago•0 comments

What if writing tests was a joyful experience? (2023)

https://blog.janestreet.com/the-joy-of-expect-tests/
55•ryanhn•9h ago•22 comments

Company as Code

https://blog.42futures.com/p/company-as-code
235•ahamez•18h ago•118 comments

Show HN: Local task classifier and dispatcher on RTX 3080

https://github.com/resilientworkflowsentinel/resilient-workflow-sentinel
17•Shubham_Amb•7h ago•0 comments

The browser catches homograph attacks, the terminal doesn't

https://github.com/sheeki03/tirith
44•MrBuddyCasino•2d ago•10 comments

Same Radio, Different Citizens

https://blog.cosmos-institute.org/p/same-radio-different-citizens
7•surprisetalk•4d ago•2 comments

The New Collabora Office for Desktop

https://www.collaboraonline.com/collabora-office/
163•mfld•17h ago•101 comments

Don't rent the cloud, own instead

https://blog.comma.ai/datacenter/
1126•Torq_boi•1d ago•463 comments