frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Building a Procedural Hex Map with Wave Function Collapse

https://felixturner.github.io/hex-map-wfc/article/
176•imadr•2h ago•29 comments

Bluesky CEO Jay Graber is stepping down

https://bsky.social/about/blog/03-09-2026-a-new-chapter-for-bluesky
73•minimaxir•47m ago•57 comments

JSLinux Now Supports x86_64

https://bellard.org/jslinux/
102•TechTechTech•3h ago•18 comments

Show HN: The Mog Programming Language

https://moglang.org
49•belisarius222•2h ago•16 comments

DARPA's new X-76

https://www.darpa.mil/news/2026/darpa-new-x-76-speed-of-jet-freedom-of-helicopter
67•newer_vienna•3h ago•59 comments

Launch HN: Terminal Use (YC W26) – Vercel for filesystem-based agents

46•filipbalucha•3h ago•25 comments

Fixfest is a global gathering of repairers, tinkerers, and activists

https://fixfest.therestartproject.org/
99•robtherobber•2h ago•9 comments

Restoring a Sun SPARCstation IPX part 1: PSU and NVRAM (2020)

https://www.rs-online.com/designspark/restoring-a-sun-sparcstation-ipx-part-1-psu-and-nvram
69•ibobev•4h ago•35 comments

Show HN: DenchClaw – Local CRM on Top of OpenClaw

https://github.com/DenchHQ/DenchClaw
48•kumar_abhirup•5h ago•46 comments

Flash media longevity testing – 6 years later

https://old.reddit.com/r/DataHoarder/comments/1q6xnun/flash_media_longevity_testing_6_years_later/
98•1970-01-01•1d ago•46 comments

Fontcrafter: Turn Your Handwriting into a Real Font

https://arcade.pirillo.com/fontcrafter.html
363•rendx•10h ago•118 comments

Florida judge rules red light camera tickets are unconstitutional

https://cbs12.com/news/local/florida-news-judge-rules-red-light-camera-tickets-unconstitutional
108•1970-01-01•2h ago•177 comments

Rethinking Syntax: Binding by Adjacency

https://github.com/manifold-systems/manifold/blob/master/docs/articles/binding_exprs.md
17•owlstuffing•1d ago•3 comments

Jolla on track to ship new phone with Sailfish OS, user-replaceable battery

https://liliputing.com/the-new-jolla-phone-with-sailfish-os-is-on-track-to-start-shipping-in-the-...
127•heresie-dabord•3h ago•79 comments

Ireland shuts last coal plant, becomes 15th coal-free country in Europe (2025)

https://www.pv-magazine.com/2025/06/20/ireland-coal-free-ends-coal-power-generation-moneypoint/
726•robin_reala•9h ago•437 comments

An opinionated take on how to do important research that matters

https://nicholas.carlini.com/writing/2026/how-to-win-a-best-paper-award.html
32•mad•3h ago•2 comments

Reverse-engineering the UniFi inform protocol

https://tamarack.cloud/blog/reverse-engineering-unifi-inform-protocol
118•baconomatic•7h ago•48 comments

What I Always Wanted to Know about Second Class Values

https://dl.acm.org/doi/epdf/10.1145/3759427.3760373
16•todsacerdoti•3h ago•7 comments

FreeBSD Capsicum vs. Linux Seccomp Process Sandboxing

https://vivianvoss.net/blog/capsicum-vs-seccomp
90•vermaden•7h ago•33 comments

Velxio, Arduino Emulator

https://velxio.dev/
4•dmonterocrespo•1d ago•3 comments

Uber reported to the state that I was fired for "annoying a coworker."

https://anon-ex-uber.medium.com/uber-reported-to-the-state-that-i-was-fired-for-annoying-a-cowork...
30•anon-ex-uber•32m ago•6 comments

US Court of Appeals: TOS may be updated by email, use can imply consent [pdf]

https://cdn.ca9.uscourts.gov/datastore/memoranda/2026/03/03/25-403.pdf
487•dryadin•13h ago•376 comments

Algebraic topology: knots links and braids

https://aeb.win.tue.nl/at/algtop-5.html
45•marysminefnuf•5h ago•4 comments

Durdraw – ANSI art editor for Unix-like systems

https://durdraw.org/
5•caminanteblanco•57m ago•0 comments

Workers report watching Ray-Ban Meta-shot footage of people using the bathroom

https://arstechnica.com/gadgets/2026/03/workers-report-watching-ray-ban-meta-shot-footage-of-peop...
30•randycupertino•1h ago•5 comments

Is legal the same as legitimate: AI reimplementation and the erosion of copyleft

https://writings.hongminhee.org/2026/03/legal-vs-legitimate/
150•dahlia•4h ago•143 comments

FFmpeg at Meta: Media Processing at Scale

https://engineering.fb.com/2026/03/02/video-engineering/ffmpeg-at-meta-media-processing-at-scale/
191•sudhakaran88•14h ago•81 comments

Unlocking Python's Cores:Energy Implications of Removing the GIL

https://arxiv.org/abs/2603.04782
108•runningmike•3d ago•75 comments

Show HN: VS Code Agent Kanban: Task Management for the AI-Assisted Developer

https://www.appsoftware.com/blog/introducing-vs-code-agent-kanban-task-management-for-the-ai-assi...
81•gbro3n•9h ago•38 comments

Grammarly is offering ‘expert’ AI reviews from famous dead and living writers

https://www.wired.com/story/grammarly-is-offering-expert-ai-reviews-from-your-favorite-authors-de...
111•jmsflknr•4d ago•143 comments
Open in hackernews

Lazy JWT Key Rotation in .NET: Redis-Powered JWKS That Just Works

https://www.aaronpina.com/lazy-jwt-key-rotation-in-net-redis-powered-jwks-that-just-works/
13•aaronpina•1d ago

Comments

time4tea•2h ago
The key material is in redis? Seems odd. Should be in fips 140 hsm? Else key can be stolen easy.

Maybe missed something.

a_random_name•2h ago
(glanced at it so I could be wrong) They're talking about a public key that can be used to validate the JWT's authenticity. AFAIK there is no need to keep these secret, and it's not possible to (without breaking public key crypto) forge them so it should be safe to store them wherever.
time4tea•2h ago
From article:

Private key redis key

    public static string PrivateKey(string kid) => $"{Root}:jwks:private:{kid}"; // full private material (short life)
a_random_name•2h ago
TY, that seems like not the best practice.
nijave•2h ago
How can the key be stolen easily? That really depends on the security of the Redis setup. Redis is typically not internet accessible so you'd need some sort of server exploit.

Would have been good if the article example showed a Redis server with TLS and password auth.

time4tea•2h ago
Private key material should not be kept in the clear anywhere, ideally. This includes on your dev machine, serialised in a store, in the heap of your process, anywhere. Of course, it depends on your threat environment, but the article did mention pci-dss. If you put it in redis, then anyone that has access (internal baddies exist too!) can steal the key and sign something. Its hard to repudiate that.
flumpcakes•51m ago
How far do you go, how do you use the private key to sign something if you can't keep it anywhere?
JackSlateur•47m ago
TPM

You never have the private key, only the ability to ask something to encrypt/sign something

legulere•33m ago
Much simpler: just store session ids in Redis.

I skimmed over the previous articles in this blog and they don't seem to mention the one use case JWTs were made for: having a separate authentication server from the application server. Most developers will only need this for integrating into corporations with single sign in or social logins (sign in with Facebook/google/apple...). There you won't write the authentication server but integrate with them. Session Ids are dead simple to get right securely. Just use them.