frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

John Deere owners will get the right to repair equipment under FTC settlement

https://apnews.com/article/john-deere-right-to-repair-agriculture-equipment-cb7514ffedb95c130a976...
260•djoldman•1h ago•56 comments

Separating signal from noise in coding evaluations

https://openai.com/index/separating-signal-from-noise-coding-evaluations/
154•sk4rekr0w•4h ago•59 comments

A software engineering interview question I like: computing the median

https://krisshamloo.com/blog/007
17•speckx•59m ago•7 comments

Chatto is now open source

https://www.hmans.dev/blog/chatto-is-open-source
727•speckx•10h ago•192 comments

Unicode's transliteration rules are Turing-complete

https://seriot.ch/computation/uts35/
31•beefburger•15h ago•4 comments

Mistral's Robostral Navigate: a state of the art robotics navigation model

https://mistral.ai/news/robostral-navigate/
411•ottomengis•11h ago•96 comments

Rewriting Bun in Rust

https://simonwillison.net/2026/Jul/8/rewriting-bun-in-rust/
5•doppp•14m ago•2 comments

Remote Attestation

https://www.liamcvw.com/p/remote-attestation
15•lcvw•1h ago•8 comments

Cloudflare Drop

https://www.cloudflare.com/drop/
242•coloneltcb•6h ago•125 comments

Show HN: Microsoft releases Flint, a visualization language for AI agents

https://microsoft.github.io/flint-chart/#/
198•chenglong-hn•7h ago•75 comments

We made Grok 4.5, GPT-5.5, and Claude build the same apps

https://www.tryai.dev/blog/grok-4.5-vs-gpt-5.5-vs-claude-build-off
51•hershyb_•2h ago•19 comments

Grok 4.5

https://x.ai/news/grok-4-5
468•BoumTAC•7h ago•581 comments

Show HN: Yamanote.fun – A complete soundscape for Tokyo's Yamanote line

https://www.yamanote.fun/
52•madebymagnolia•1d ago•13 comments

Turning a pile of documents into a searchable useable knowledge base

https://github.com/linuxrebel/DocuBrowser
73•linuxrebe1•4h ago•11 comments

MIRA: Multiplayer Interactive World Models Trained on Rocket League

https://mira-wm.com/
10•ethanlipson•1h ago•2 comments

FAANG Simulator

https://www.abeyk.com/escape-the-rat-race/
276•nerdbiscuits•5h ago•107 comments

GPT‑Live

https://openai.com/index/introducing-gpt-live/
600•logickkk1•8h ago•403 comments

A bug which affected only left handed users

https://shkspr.mobi/blog/2026/07/a-bug-which-only-affected-left-handed-users/
83•sixhobbits•12h ago•43 comments

Rewriting Bun in Rust

https://bun.com/blog/bun-in-rust
274•afturner•3h ago•151 comments

Patching MechCommander's "left arm bug" for fun and profit

https://mhloppy.com/2026/05/mechcommander-weapons-left-arm-bug-fix/
5•Narann•3d ago•0 comments

TypeScript 7

https://devblogs.microsoft.com/typescript/announcing-typescript-7-0/
464•DanRosenwasser•9h ago•177 comments

New Sweden: the US's long-lost 'secret' colony

https://www.bbc.com/travel/article/20260629-new-sweden-the-uss-long-lost-secret-colony
46•bookofjoe•6h ago•3 comments

DKIM2 and DMARCbis Have Landed

https://stalw.art/blog/dkim2-dmarcbis/
75•StalwartLabs•2d ago•52 comments

Beyond Git: Real-Time Version Control for Godot – Lilith Duncan – GodotCon 2026 [video]

https://www.youtube.com/watch?v=CAJ_iIedx_I
9•surprisetalk•6d ago•1 comments

Decoding the obfuscated bash script on a Uniqlo t-shirt

https://tris.sherliker.net/blog/obfuscated-self-evaluating-bash-script-by-cdn-akamai-being-suppli...
1297•speerer•16h ago•207 comments

Show HN: Frugon – Find which LLM calls a cheaper model could handle (local, MIT)

https://github.com/Rodiun/frugon
9•jarodrh•1d ago•2 comments

OpenMandriva: Statement regarding attempted distribution sabotage

https://forum.openmandriva.org/t/statement-regarding-attempted-distribution-sabotage/8997
73•workethics•7h ago•13 comments

Cloudflare Meerkat - Globally distributed consensus

https://blog.cloudflare.com/meerkat-introduction/
217•bobnamob•12h ago•45 comments

My road trip with the do-gooding cactus smugglers

https://economist.com/1843/2026/03/06/my-road-trip-with-the-do-gooding-cactus-smugglers
15•andsoitis•3d ago•1 comments

Open Source Barware: free, local-first bar inventory software (GPLv3)

https://opensourcebarware.com
21•RichBJamison•3h ago•11 comments
Open in hackernews

Remote Attestation

https://www.liamcvw.com/p/remote-attestation
15•lcvw•1h ago

Comments

zb3•49m ago
It would be a nice addition if big tech didn't abuse this to shove user-hostile software into devices which the user has paid for (like smartphones).. thanks to this attitude, whenever I see "remote attestation" I associate this with "hostile"..

> Using a TPM, we can remotely, cryptographically prove a couple of things:

Unless there are exploits..

lcvw•43m ago
I mean, all tech can be used in different ways. My experience has been much more on the preventing root kits side, rather then vendor lock in.

Yes, there can be exploits, but hardware exploits over a restricted interface (TPM2) are significantly rarer then normal software vulns. Everything is about risk mitigation, there is no perfect security.

GreenVulpine•15m ago
Make no mistake. Shoving user-hostile malware down people's throats is the primary use case for this in the consumer space. Bootloader malware is very esoteric right now. Enterprise might have valid use cases beyond screwing people but none of them make sense for a consumer device.
lcvw•6m ago
I think consumer devices should have opt-outs for sure. But personally I am much more comfortable with myself and my family having fully locked down apple phones then anything else on the market right now, precisely because of how difficult it is to get persistent malware into that ecosystem.
mjg59•6m ago
You say that, and also remote attestation is how Signal knows it's talking to a legitimate SGX enclave running the expected payload
lcvw•4m ago
I definitely want to do a post on confidential computing as well. Super cool stuff.
nondescript2887•36m ago
>But what about attacks after boot? That’s your EDR’s problem. Trusted boot provides the bedrock to build a bunch of other primitives on top of. Including cryptographic proof your EDR is installed and running (at boot), immutable filesystems (verified at boot), signed upgrades, confidential computing, etc. Without it you can’t trust your hosts themselves and can’t make further security guarantees. Houses built on sand and all that.

Good take - remote attestation doesn't solve all problems on its own but it is a very powerful tool in the platform security toolbox (and very cool "to boot" :P)

imglorp•17m ago
We use SPIFFE/SPIRE at work. It works well for our use case, remote embedded workflows that need to phone home. It's very exacting: everything must be exactly right for the attestation to succeed. So it takes extra effort when you commit to that path.