frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

Follow-up to Carrot disclosure: Forgejo

https://dustri.org/b/follow-up-to-carrot-disclosure-forgejo.html
19•homebrewer•1h ago

Comments

homebrewer•1h ago
Previously:

https://news.ycombinator.com/item?id=47941590

bombcar•1h ago
This is the classic response of a troll.
kstrauser•38m ago
> and it seems that experimenting with odd vulnerability disclosure schemes is frowned upon.

Good grief, you weren't kidding.

No kidding, my guy. We've spent a few decades coming to a rough consensus on the right way to report findings. No one's likely to have patience for trying something totally different where they don't have standardized playbooks to follow.

bmandale•52m ago
Missed the original. That seems like a reasonable way to highlight software that you believe is fundamentally insecure. Obviously you can't be on the hook to fix deep architectural issues yourself, but just submitting a single PR will be treated as "problem solved". Since most of any software contains some vulnerability, just saying "this software has an RCE" isn't actually a disclosure at all. The real issue is that the given vulnerability was (supposedly) easy to find, which if true is not something that will be fixed by targeting just that exploit chain, and needs deep changes to fix.
aaronbrethorst•26m ago
Tangential: the favicon for dustri.org is from a really delightful (and hilariously dark) children's book called "I Want My Hat Back" https://en.wikipedia.org/wiki/I_Want_My_Hat_Back

Rivian allows you to disable all internet connectivity

https://rivian.com/support/article/can-i-disable-all-data-collection-from-my-vehicle
117•Cider9986•45m ago•37 comments

How Mark Klein told the EFF about Room 641A [book excerpt]

https://thereader.mitpress.mit.edu/the-whistleblower-who-uncovered-the-nsas-big-brother-machine/
328•the-mitr•4h ago•92 comments

Shai-Hulud Themed Malware Found in the PyTorch Lightning AI Training Library

https://semgrep.dev/blog/2026/malicious-dependency-in-pytorch-lightning-used-for-ai-training/
252•j12y•5h ago•80 comments

LinkedIn scans for 6,278 extensions and encrypts the results into every request

https://404privacy.com/blog/linkedin-is-scanning-your-browser-extensions-this-is-how-they-use-the...
77•un-nf•1h ago•16 comments

I built a Game Boy emulator in F#

https://nickkossolapov.github.io/fame-boy/building-a-game-boy-emulator-in-fsharp/
135•elvis70•3h ago•34 comments

CopyFail was not disclosed to Gentoo developer

https://www.openwall.com/lists/oss-security/2026/04/30/10
256•ori_b•4h ago•172 comments

U.S. Senators Vote to Ban Themselves from Trading on Prediction Markets

https://www.wsj.com/politics/policy/senators-vote-to-ban-themselves-from-trading-on-prediction-ma...
156•kamaraju•1h ago•52 comments

Claude Code refuses requests or charges extra if your commits mention "OpenClaw"

https://twitter.com/theo/status/2049645973350363168
742•elmean•6h ago•433 comments

Belgium stops decommissioning nuclear power plants

https://dpa-international.com/general-news/urn:newsml:dpa.com:20090101:260430-930-14717/
681•mpweiher•8h ago•598 comments

How an oil refinery works

https://www.construction-physics.com/p/how-an-oil-refinery-works
257•chmaynard•7h ago•65 comments

Reverse Engineering SimTower

https://phulin.me/blog/simtower
36•patrickhulin•2d ago•5 comments

Durable queues, streams, pub/sub, and a cron scheduler – inside your SQLite file

https://honker.dev/
131•ferriswil•6h ago•34 comments

You can beat the binary search

https://lemire.me/blog/2026/04/27/you-can-beat-the-binary-search/
193•vok•3d ago•96 comments

Full-Text Search with DuckDB

https://peterdohertys.website/blog-posts/full-text-search-w-duckdb.html
41•ethagnawl•2h ago•11 comments

The Church Rock Uranium Mill Spill

https://en.wikipedia.org/wiki/Church_Rock_uranium_mill_spill
16•Sir_Twist•2d ago•2 comments

Does Postgres Scale?

https://www.dbos.dev/blog/benchmarking-workflow-execution-scalability-on-postgres
37•KraftyOne•2h ago•16 comments

Follow-up to Carrot disclosure: Forgejo

https://dustri.org/b/follow-up-to-carrot-disclosure-forgejo.html
19•homebrewer•1h ago•5 comments

Patch Your Kernel NOW: 732byte Python rootkit, cracks all distros since 2017

https://github.com/rootsecdev/cve_2026_31431
4•cednore•23m ago•2 comments

I aggregated 28 US Government auction sites into one search

https://bidprowl.com
204•scarsam•8h ago•62 comments

Mozilla's opposition to Chrome's Prompt API

https://github.com/mozilla/standards-positions/issues/1213#issuecomment-4347988313
516•jaffathecake•13h ago•199 comments

10Gb/s Ethernet: what I did to get it working in my home

https://www.gilesthomas.com/2026/04/10g-ethernet-what-i-did
99•gpjt•1d ago•74 comments

Spain's parliament will act against massive IP blockages by LaLiga

https://www.democrata.es/en/politics/congress-and-senate/congress-will-act-against-massive-ip-blo...
331•akyuu•5h ago•154 comments

Recovering files from beyond the grave using PhotoRec

https://lost-number.bearblog.dev/recovering-files-from-beyond-the-grave-using-photorec/
29•speckx•3h ago•5 comments

How Semiconductors Were Made in America

https://www.siliconimist.com/p/semiconductors-made-in-america
27•johncole•2d ago•16 comments

The upsell game – Vercel upselling tactics revealed

https://theupsellgame.com/
15•bartoindahouse•1h ago•0 comments

A 1960s art school experiment that redefined creativity

https://thereader.mitpress.mit.edu/the-1960s-art-school-experiment-that-redefined-creativity/
63•pseudolus•5h ago•18 comments

American Dads Became the Parents Their Fathers Never Were

https://www.derekthompson.org/p/why-do-richer-dads-spend-more-time
32•ozozozd•4h ago•9 comments

Hackers are actively exploiting a bug in cPanel and WHM

https://techcrunch.com/2026/04/30/hackers-are-actively-exploiting-a-bug-in-cpanel-used-by-million...
4•dotmanish•28m ago•0 comments

Granite 4.1: IBM's 8B Model Matching 32B MoE

https://firethering.com/granite-4-1-ibm-open-source-model-family/
259•steveharing1•10h ago•163 comments

Apple reports second quarter results

https://www.apple.com/newsroom/2026/04/apple-reports-second-quarter-results/
4•mfiguiere•38m ago•0 comments