frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

GPT-5.5

https://openai.com/index/introducing-gpt-5-5/
909•rd•4h ago•532 comments

Bitwarden CLI compromised in ongoing Checkmarx supply chain campaign

https://socket.dev/blog/bitwarden-cli-compromised
570•tosh•8h ago•265 comments

MeshCore development team splits over trademark dispute and AI-generated code

https://blog.meshcore.io/2026/04/23/the-split
119•wielebny•5h ago•68 comments

An update on recent Claude Code quality reports

https://www.anthropic.com/engineering/april-23-postmortem
471•mfiguiere•4h ago•355 comments

Show HN: Agent Vault – Open-source credential proxy and vault for agents

https://github.com/Infisical/agent-vault
32•dangtony98•1d ago•7 comments

Show HN: Tolaria – open-source macOS app to manage Markdown knowledge bases

https://github.com/refactoringhq/tolaria
8•lucaronin•35m ago•3 comments

Palantir employees are starting to wonder if they're the bad guys

https://www.wired.com/story/palantir-employees-are-starting-to-wonder-if-theyre-the-bad-guys/
551•pavel_lishin•5h ago•400 comments

Girl, 10, finds rare Mexican axolotl under Welsh bridge

https://www.bbc.com/news/articles/c9d4zgnqpqeo
140•codezero•3h ago•88 comments

Incident with multple GitHub services

https://www.githubstatus.com/incidents/myrbk7jvvs6p
170•bwannasek•6h ago•86 comments

Using the internet like it's 1999

https://joshblais.com/blog/using-the-internet-like-its-1999/
70•joshuablais•2h ago•43 comments

I am building a cloud

https://crawshaw.io/blog/building-a-cloud
944•bumbledraven•17h ago•464 comments

UK Biobank health data keeps ending up on GitHub

https://biobank.rocher.lc
36•Cynddl•8h ago•8 comments

My phone replaced a brass plug

https://drobinin.com/posts/my-phone-replaced-a-brass-plug/
37•valzevul•6h ago•7 comments

Astronomers find the edge of the Milky Way

https://skyandtelescope.org/astronomy-news/astronomers-find-the-edge-of-the-milky-way/
61•bookofjoe•4h ago•9 comments

Your hex editor should color-code bytes

https://simonomi.dev/blog/color-code-your-bytes/
464•tobr•2d ago•136 comments

A programmable watch you can actually wear

https://www.hackster.io/news/a-diy-watch-you-can-actually-wear-8f91c2dac682
113•sarusso•2d ago•58 comments

French government agency confirms breach as hacker offers to sell data

https://www.bleepingcomputer.com/news/security/french-govt-agency-confirms-breach-as-hacker-offer...
338•robtherobber•6h ago•118 comments

Show HN: Honker – Postgres NOTIFY/LISTEN Semantics for SQLite

https://github.com/russellromney/honker
215•russellthehippo•10h ago•47 comments

Apple fixes bug that cops used to extract deleted chat messages from iPhones

https://techcrunch.com/2026/04/22/apple-fixes-bug-that-cops-used-to-extract-deleted-chat-messages...
839•cdrnsf•1d ago•181 comments

GPT-5.5: Mythos-Like Hacking, Open to All

https://xbow.com/blog/mythos-like-hacking-open-to-all
31•rs_rs_rs_rs_rs•4h ago•5 comments

Advanced Packaging Limits Come into Focus

https://semiengineering.com/advanced-packaging-limits-come-into-focus/
21•PaulHoule•2d ago•3 comments

WireGuard for Windows Reaches v1.0

https://lists.zx2c4.com/pipermail/wireguard/2026-April/009580.html
75•zx2c4•2d ago•2 comments

I spent years trying to make CSS states predictable

https://tenphi.me/blog/why-i-spent-years-trying-to-make-css-states-predictable/
37•tenphi•9h ago•6 comments

Writing a C Compiler, in Zig (2025)

https://ar-ms.me/thoughts/c-compiler-1-zig/
124•tosh•13h ago•36 comments

Arch Linux Now Has a Bit-for-Bit Reproducible Docker Image

https://antiz.fr/blog/archlinux-now-has-a-reproducible-docker-image/
287•maxloh•20h ago•101 comments

If America's so rich, how'd it get so sad?

https://www.derekthompson.org/p/if-americas-so-rich-howd-it-get-so
366•momentmaker•6h ago•671 comments

Jiga (YC W21) Is Hiring

https://jiga.io/about-us/
1•grmmph•10h ago

How the Tech World Turned Evil

https://newrepublic.com/article/208876/tech-world-evil-musk-bezos-thiel
56•thomasstephan•1h ago•9 comments

Alberta startup sells no-tech tractors for half price

https://wheelfront.com/this-alberta-startup-sells-no-tech-tractors-for-half-price/
2123•Kaibeezy•1d ago•726 comments

A Renaissance gambling dispute spawned probability theory

https://www.scientificamerican.com/article/how-a-renaissance-gambling-dispute-spawned-probability...
89•sohkamyung•2d ago•13 comments
Open in hackernews

UK Biobank health data keeps ending up on GitHub

https://biobank.rocher.lc
36•Cynddl•8h ago
I'm a researcher studying privacy, and I started tracking the DMCA notices that UK Biobank sends to GitHub. I tracked 110 notices filed so far, targeting 197 code repositories by 170 developers across the world.

The exposure of Biobank data on GitHub is the latest in a long series of governance challenges for UK Biobank. (My colleague and I have an editorial in the BMJ about this: http://bmj.com/cgi/content/full/bmj.s660?ijkey=dEot4dJZGZGXe...). The latest is today, with information of all half a million members listed for sale on Alibaba.

Looking at the takedown notices, we often see specific files being targeted rather than entire repositories (possibly to justify the copyright infringement as required for a takedown notice, not a copyright expert; although it is clear that they only use DMCA notices as a last resort, for GitHub users they cannot identify, and who were likely not given access in the first place). A quarter of the files are genetic/genomics. Tabular data account for another large share and could contain phenotype or health records.

Comments

michaelt•1h ago
> It has given 20,000 researchers around the world access under strict agreements that prohibit sharing data further.

To me it seems rather naive to have done that.

After all, you can't un-leak medical data. So even if the "strict agreement" included huge punishments, there's no getting the toothpaste back in the tube.

If you want to ensure compliance before a leak happens you have to (ugh) audit their compliance. And that isn't something that scales to 20,000 researchers.

Too late to do anything about it now though :(

John7878781•1h ago
What are the pros/cons of just open-sourcing everything for future bio bank projects?
Cynddl•1h ago
You mean giving anyone access to the data? Or open sourcing the code? If the latter, I think that's a generally a good practice. Security through obscurity is never good for public infrastructure. In this case, UK Biobank has now switched to a remote access platform (not particularly secure, as the data was found for sale on Alibaba today), but contracting it to DNAnexus and Amazon. Private companies have no incentives to open source data, unless mandated to do so.

In the EU, there is a bigger interest in building scalable but also secure platforms for health data. Hopefully good innovation will come from there.

renewiltord•55m ago
Hard to do. The same people with the collection and tracking infrastructure required are infinitely sue-able so you need legal protection if anything goes wrong.
culi•21m ago
The people who agreed to contribute their biodata did not consent to that.

If you want such a project you need to have a new project with a different agreement. I doubt you could get as many volunteers to freely give away such intimate data to anyone who wants though

michaelt•4m ago
It's exceptionally difficult to avoid the data being de-anonymised.

If an 'anonymised' medical record says the person was born 6th September 1969, received treatment for a broken arm on 1 April 2004, and received a course of treatment in 2009 after catching the clap on holiday in Thailand - that's enough bits of information to uniquely identify me.

You could embrace this reality, of course - 95% of people's medical histories don't contain anything particularly embarrassing, so you might be able to get enough participants anyway.

captn3m0•33m ago
Took me 5 minutes to find more: https://github.com/tanaylab/Mendelson_et_al_2023/blob/9c5a65... (Uses Date of Birth column).

And some information on how they were distributing it to researchers: https://github.com/broadinstitute/ml4h/blob/master/ingest/uk...

> The following steps require the ukbunpack and ukbconv utilities from the UK Biobank website. The file decrypt_all.sh will run through the following steps on one of the on-prem servers.

> Once the data is downloaded, it needs to be "ukbunpacked" which decrypts it, and then converts it to a file format of choice. Both ukbunpack and ukbconv are available from the UK Biobank's website. The decryption has to happen on a linux system if you download the linux tools, e.g. the Broad's on-prem servers. Note that you need plenty of space to decrypt/unpack, and the programs may fail silently if disk space runs out during the middle.

https://biobank.ctsu.ox.ac.uk/crystal/download.cgi

Cynddl•24m ago
Good catch! The data is everywhere, re-uploaded every week.

I am aware of ~30 repositories that UK Biobank has asked GitHub to delete, and can still be found elsewhere online. They know the site, they have managed to delete data from that site before, and yet the files are still there.