AI Summarized Hacker News
Front-page articles summarized hourly.
An iTerm2 SSH integration bug lets untrusted terminal output impersonate the remote conductor. By placing forged DCS 2000p and OSC 135 messages in a readme.txt, a normal cat readme.txt can trigger iTerm2 to execute the conductor workflow, including getshell and pythonversion, and then run an attacker-controlled payload via a base64-encoded run command. The PoC uses readme.txt plus ace/c+aliFIo; reproduce with genpoc.py. A fix was committed (a9e7459...), not yet in stable releases. Root cause: trust failure in terminal-output–driven conductor negotiation.
HN Comments
A 403 Forbidden error page displaying the message, a request token (Cy6oyR8v/UaAFzcRw), and a timestamp: Fri, 17 Apr 2026 22:16:51 UTC.
HN Comments
Paul Zimmermann proves that the GNU libc 2.43 binary64 hyperbolic arctangent (atanh), released in January 2026, is correctly rounded to IEEE 754.
HN Comments
Fil-C is a memory-safe variant of C/C++ using a source-level rewrite. It instruments each pointer local var with an AllocationRecord* ar; AllocationRecord tracks visible/invisible memory; filc_malloc allocates ar, visible_bytes, invisible_bytes; dereferencing checks bounds via ar; for heap pointers, invisible_bytes holds AllocationRecord*. When storing/loading pointers, the allocator updates both sides; filc_free frees visible/invisible bytes but not ar; a garbage collector frees unreachable AllocationRecords and calls filc_free; taking addresses can promote locals to heap to enable GC; memmove is treated with alignment-aware rules; production features (threads, atomics, function pointers) add complexity; uses pointer provenance as design point.
HN Comments
Miguel Conner describes a six‑week coding retreat at Recurse Center in Brooklyn, stepping back from AI to practice coding by hand. He aims to train an LLM from scratch, strengthen Python skills, and deepen computer understanding. Progress includes building a 17M‑parameter GPT‑2‑style model from scratch and training it on Tiny Stories, then testing on ~9B OpenWebText tokens; profiling GPUs and implementing FlashAttention2 in Triton; and pairing with others to learn faster. He also pursues Apple IIe BASIC, CTF Fridays, mob programming, and short weekly talks, while acknowledging time constraints.
HN Comments
Electrek reports Dutch Tesla owner Mischa Sigtermans leading an EU-wide HW3 + FSD claim after paying €6,400 in 2019. EU approval for FSD Supervised excludes HW3; Tesla offered no timeline and said to be patient. Musk admitted HW3 can’t run unsupervised FSD and a retrofit may be needed, with no EU retrofit program or refunds. About 3,000 HW3 owners across 29 countries joined hw3claim.nl, representing ~€6.5–€6.8m. Legal pressure grows; ‘be patient’ could face court.
HN Comments
Riley J. Shaw releases ShaderPad, a small, focused library to render shaders on websites without boilerplate. Aimed at artists and creatives (ShaderToy/TouchDesigner users), ShaderPad emphasizes simplicity, fast performance, and a tiny footprint (5.8kb gzipped), over 30x smaller than Three.js. It favors GPU work and smart caching to minimize CPU work. The author describes building in 2026, balancing user needs with restraint, and notes AI-assisted docs. He emphasizes use for funky interactive graphics rather than full 3D scenes and invites readers to try the docs, quickstart, and interactive examples.
HN Comments
AI inference’s low-precision requirement, new thermal engineering (athermal design, integrated heaters with precise stabilization, thermal undercut), and advances in heat management (vapour chambers) are converging to mitigate MZI’s historical temperature sensitivity. This, combined with AI’s huge energy footprint, is driving interest in large photonic accelerators (e.g., 16,000-component chips) that can rival GPUs in latency and efficiency. But challenges remain: photonics remain largely analogue, memory storage issues, fabrication yields, and uncertain commercialization.
HN Comments
ARC Prize Foundation seeks a Platform Engineer - Benchmark Lead (remote US) for $150k-$250k with 6+ years’ experience. Owns and evolves the ARC-AGI benchmark platform, stabilizing the V3 backend, improving performance, and building verification/testing pipelines for automated runs, scoring, reproducible evals, and data-exhaust capture for deeper model analysis. Supports ARC-AGI-4 deployment and lays groundwork for ARC-AGI-5, including human data collection. Requires strong Python backend, distributed systems, SQL, cloud infra, and production reliability; experience with evaluation harnesses and data-logging/analysis workflows for AI/ML. ARC Prize Foundation founded 2024, president Greg Kamradt.
HN Comments
Adam Wespiser details starting a small 3D printing business from a neighbor’s card stand idea, sparked by his puppy. He iterated designs, fixed printing hurdles (nozzle clogs, color limits), added a second printer and more colors, and standardized parts for repeatability. The venture earned about $3,666 from ~50 orders and ~3,000 hours of printing, but remained labor-intensive and not scalable. He wound down after raising prices and shifting to large orders, concluding 3D printing works for small, custom items—not volume manufacturing—and returning to software work and personal projects.
HN Comments
The post laments the loss of 80s computing personality and diversity, contrasting bespoke, shop-hopped experiences with today’s uniform megacorp supply. It recalls iconic machines (Atari, Commodore, IBM PCs, Amiga, ZX Spectrum, TI-99/4A, Coleco Adam, BeBox) and the unique hardware each offered. The author regrets selling the BeBox, hopes to collect retro gear again, and plans to design/build modern gear that channels that era’s character, inviting readers to join the project.
HN Comments
SNK and Plaion will reissue the NeoGeo AES as the AES+, aiming for faithful hardware rather than emulation. The system uses ASICs to mirror original behavior for an authentic living-room arcade experience. Ten launch titles include Metal Slug, The King of Fighters 2002, and Samurai Shodown V Special, on cartridges with reproduced packaging. It adds HDMI up to 1080p, savable high scores, a BIOS menu, and faster-setting switches, plus a replica AES pad, memory card, and optional wireless stick. Pre-orders are open; ships November 12, 2026. Prices: around €200 standard, €300 white edition; games ~€80 each.
HN Comments
Citizen Lab analyzes Webloc, Cobwebs’ ad-based geolocation system now sold by Penlink. Webloc aggregates location data and profiles from hundreds of millions of mobile apps and ads, with up to three years of history. It links to Hungary’s domestic intelligence use since 2022, El Salvador’s police, and U.S. agencies including ICE and the military, plus various local departments. Cobwebs’ Tangles platform and add-ons (Lynx, Trapdoor, Weaver) connect to Quadream. The report maps hundreds of servers worldwide (many on Azure) and argues the tech enables intrusive, poorly regulated mass surveillance requiring oversight. Penlink disputes the findings.
HN Comments
Lunar dust is highly abrasive and potentially toxic. Apollo astronauts suffered ‘lunar hay fever’ from dust clinging to their suits, sparking sneezing and congestion. ESA researchers are assessing health risks as part of a lunar-dust program. The dust contains sharp silicate particles that damage lungs, and Moon’s low gravity lets tiny particles linger longer; electrostatic charging can make dust levitate and enter equipment and lungs. Real lunar dust is scarce, so scientists use volcanic simulants, though sharpening edges is hard. Dust could yield bricks and oxygen. ESA hosts a workshop; astronaut Alexander Gerst runs the Airway Monitoring experiment.
HN Comments
Detecting DOSBox from inside DOSBox is tricky; simple BIOS-string checks are brittle and spoofable. The post argues for a robust method by inspecting DOSBox’s own code paths, e.g., disassembling MOUNT.COM to find a DOSBox-specific hidden FE group callback (FE /7) used during emulation. By detecting this DOSBox-only behavior, possibly via a custom invalid-opcode handler (#UD), one can distinguish DOSBox from other emulators. It also notes quirks in 86Box/PCem, mentions NTVDM/Win9x via INT 2Fh, and provides a sample program that runs on DOSBox and DOSBox-X.
HN Comments
Connie Converse was a pioneering 1950s American folk singer-songwriter who disappeared in 1974 at age 50. Working in New York with minimal gear, she created sophisticated, introspective songs that prefigured later indie folk. Her track Roving Woman and others reveal advanced lyricism and inventive guitar work, foreshadowing millennial styles. She remained obscure for decades until rediscovery in the 2000s and the 2009 How Sad, How Lovely compilation, now reissued on vinyl. Fans and artists—from Greta Kline to Julia Bullock—laud her ahead-of-time vision. Howard Fishman’s biography sheds light on her life and mystery.
HN Comments
PanicLock is a macOS menu-bar app that instantly disables Touch ID and locks the screen with one click or by closing the lid. It adds a one-click panic button, a configurable hotkey, and an option to lock on close; it temporarily disables Touch ID and restores it after unlock. Requires macOS 14+ with Touch ID. First run installs a privileged helper; uses bioutil to adjust Touch ID timeout and pmset to lock the display; no network or data collection. Open source MIT-licensed.
HN Comments
Klondike3-Simulator is a Java-based project that simulates Klondike Solitaire to compare different playing strategies. It includes an Ant build (build.xml) and a simulator you run with java -jar simulator.jar, using flags like --one or --three, --attempts, --debug, and --seed for multiple runs. The README notes a current win-rate record around 8.59% (up from 7.915%) and shows example outputs from runs. Source code resides in src/org/dacracot and the project is GPL-3.0 licensed.
HN Comments
smolvm is a CLI tool to build and run portable, self-contained Linux VMs with near-instant startup. It packs workloads into .smolmachine artifacts that run on any matching host architecture with real hardware isolation (Hypervisor.framework on macOS or KVM on Linux, via libkrun). Features include ephemeral and persistent VMs, sandboxing controls, SSH-agent forwarding, and a Smolfile config for reproducible environments. Zero-runtime-downloads and cross-platform support (macOS/Linux).
HN Comments
Anthropic launches Claude Design, a new Labs product that lets teams collaborate with Claude to create polished visual work—designs, prototypes, slides, decks, and marketing assets—powered by Claude Opus 4.7. In research preview for Claude Pro, Max, Team, and Enterprise, it builds a design system from a team's codebase and files, then generates a first version from a prompt and refines via inline comments, edits, or sliders. It supports import from prompts, documents, images, or web captures; multi-project systems; exporting to Canva, PDF, PPTX, HTML, or handoff to Claude Code. Rollout is gradual; Canva, Brilliant, and Datadog praise.
HN Comments
Made by Johno Whitaker using FastHTML