frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Show HN: Running the second public ODoH relay

https://numa.rs/blog/posts/odoh-anonymous-dns-without-an-account.html
36•rdme•1h ago•11 comments

Claude for Small Business

https://www.anthropic.com/news/claude-for-small-business
334•neilfrndes•8h ago•267 comments

Myths about /dev/urandom (2014)

https://www.2uo.de/myths-about-urandom/
12•signa11•59m ago•4 comments

Scorched Earth 2000 – Web

http://www.scorch2000.com/web/
298•meshko•11h ago•108 comments

The Tree House: A voyage to the source of a backyard dream

https://www.laphamsquarterly.org/roundtable/tree-house
6•Caiero•2d ago•0 comments

Linux gaming is faster because Windows APIs are becoming Linux kernel features

https://www.xda-developers.com/linux-gaming-is-getting-faster-because-windows-apis-are-becoming-l...
798•haunter•3d ago•507 comments

Classic 7 is a Windows 10 LTSC mod to look 1:1 to Windows 7

https://classic7.lol/
98•jandeboevrie•5h ago•85 comments

Setting up a free *.city.state.us locality domain (2025)

https://fredchan.org/blog/locality-domains-guide/
575•speckx•21h ago•180 comments

Leaving the Physical World

https://www.eff.org/pages/leaving-physical-world
40•andsoitis•3d ago•13 comments

Technical Dimensions of Live Feedback in Programming Systems

https://joshuahhh.com/dims-of-feedback/
23•tobr•3d ago•4 comments

MacBook Neo Deep Dive: Benchmarks, Wafer Economics, and the 8GB Gamble

https://www.jdhodges.com/blog/macbook-neo-benchmarks-analysis/
254•tosh•17h ago•293 comments

A History of IDEs at Google

https://laurent.le-brun.eu/blog/a-history-of-ides-at-google
395•laurentlb•5d ago•259 comments

The Emacsification of Software

https://sockpuppet.org/blog/2026/05/12/emacsification/
329•rdslw•1d ago•209 comments

A Claude Code and Codex Skill for Deliberate Skill Development

https://github.com/DrCatHicks/learning-opportunities
81•cdrnsf•9h ago•16 comments

Saying Goodbye to one line of APL

https://homewithinnowhere.com/posts/2026-05-10-one-line.html#fnref1
10•tosh•3d ago•6 comments

Chess puzzle I found in my dad's old book

https://ardoedo.it/kempelen/
175•Eswo•2d ago•53 comments

Show HN: Nibble

https://github.com/glouw/nibble
66•glouwbug•10h ago•12 comments

They Said It Would Cost $54M. We Said "No Thanks."

https://nateglubish.substack.com/p/they-said-it-would-cost-54-million
41•idw•1h ago•34 comments

Avoiding and reducing microplastic false positives from dry glove contact

https://pubs.rsc.org/en/content/articlelanding/2026/ay/d5ay01801c
66•efavdb•11h ago•14 comments

Extraordinary Ordinals

https://text.marvinborner.de/2026-04-09-17.html
30•marvinborner•2d ago•12 comments

Show HN: Needle: We Distilled Gemini Tool Calling into a 26M Model

https://github.com/cactus-compute/needle
690•HenryNdubuaku•1d ago•197 comments

Cisco workforce reductions

https://blogs.cisco.com/news/our-path-forward
229•ahmedomran8•10h ago•228 comments

Twin brothers wipe 96 government databases minutes after being fired

https://arstechnica.com/tech-policy/2026/05/drop-database-what-not-to-do-after-losing-an-it-job/
458•jnord•1d ago•376 comments

The US is winning the AI race where it matters most: commercialization

https://avkcode.github.io/blog/us-winning-ai-race.html
211•akrylov•22h ago•581 comments

Xs of Y – roguelike that names itself every run. Written in 4kLoC

https://github.com/nooga/xsofy
194•andsoitis•4d ago•84 comments

The Deathbed Notes of Henry James (1968)

https://www.theatlantic.com/past/docs/unbound/flashbks/james/jnote.htm
13•Hooke•1d ago•0 comments

Heritability of human life span is ~50% when heritability is redefined

https://dynomight.net/lifespan/
106•surprisetalk•1d ago•61 comments

How can Apple deal with the memory shortage?

https://asymco.com/2026/05/11/the-great-memory-panic-of-2026/
111•tambourine_man•2d ago•123 comments

Launch HN: Ardent (YC P26) – Postgres sandboxes in seconds with zero migration

https://www.tryardent.com/
92•vc289•19h ago•38 comments

Reverting the incremental GC in Python 3.14 and 3.15

https://discuss.python.org/t/reverting-the-incremental-gc-in-python-3-14-and-3-15/107014
243•curiousgal•4d ago•100 comments
Open in hackernews

Show HN: Running the second public ODoH relay

https://numa.rs/blog/posts/odoh-anonymous-dns-without-an-account.html
34•rdme•1h ago
Every privacy-focused DNS service requires an account: NextDNS, Cloudflare for Families, Apple's iCloud Private Relay (paid, iOS-only). The protocol that doesn’t require one - ODoH - had basically one well-known public relay operator (Frank Denis on Fastly Compute, default in dnscrypt-proxy). I built a second one and the client to talk to it.

Comments

rdme•1h ago
The relay is a systemd unit on a VPS, Caddy for TLS, SSRF-hardened (regex-strict hostnames, no IP literals). eTLD+1 same-operator check rejects relay+target run by the same org by default. HPKE is odoh-rs from Cloudflare

``` cargo install numa

# set mode = "odoh" in numa.toml ```

Repo: https://github.com/razvandimescu/numa

cedws•50m ago
What’s the selling point of ODoH given the low uptake of ECH which means the name of the server you’re talking to is given away anyway?
fc417fc802•47m ago
I'd think that if you've got several leaks then patching one up is still forward progress even if it doesn't deliver a full fix immediately.
rdme•41m ago
They solve different things. ODoH hides your question, not who you're talking to.
fc417fc802•23m ago
Sure ODoH hides your query but you then turn around and leak the question you just asked as part of the TLS handshake.
elp•12m ago
My, admittedly cynical, view of it is that the main selling point is that you share your data with the person running the ODoH server.

The truth is that very very few people run their own recursive nameserver. The entirely reasonable assumption for any authoritative nameserver, like .com, is that the query is being asked on behalf of someone else and knowing that a user of your nameserver asked for the ip of sexysheep.com doesn't give them a lot of useful info.

I'm think many ISPs actually sell a lot of data from their recursive nameservers, but I'm willing to bet that almost no-one bothers to sniff port 53 udp traffic going elsewhere.

My vote for the best privacy option is always going to be just run pi-hole with your own recursive nameservers.

petcat•8m ago
> your own recursive nameserver

But then the internet can know that you are the one using your own resolvers and so they can trivially identify your traffic.

Really you need to use some public resolver with a critical mass of other users in order to have any hope for anonymity. But then of course you have to trust that resolver too.

jeroenhd•7m ago
It means you can use a decently fast DNS server like Cloudflare without the major privacy problems of using Cloudflare. Or DNS4EU, or any non-ISP DNS server really.

Your ISP snooping on you with SNI logging is something people using normal ISPs don't need to worry about, but feeding all your data into a profit-driven company is.

gigatexal•29m ago
What would it take to get truly anonymous dns? I guess it’s not really possible no?
fc417fc802•25m ago
Why not? Cloudflare makes 1.1.1.1 available over tor although the latency is through the roof and you still need to consider the possibility of fingerprinting the client network stack.