HN Brief: 2026-05-24
Today’s HN was a day of license wars and surveillance creep. The biggest thread pitted Prusa against Bambu Lab over an AGPL violation, but quickly turned into a messy debate over whether open-source licenses are enforceable against Chinese firms at all. That same tension played out in a second 3D printing thread, where Bambu sent a Cease & Desist to a developer—only to get shredded for trying to claim a user-agent string as proprietary. Elsewhere, a Texas woman was arrested for a Facebook post about water quality, sparking a grim consensus that the arrest itself is the signal, not the lawsuit. A quieter throughline: several threads circled the idea that local politics is the only real lever left, from license plate readers to zoning failures at a chemical leak.
Click into "BambuStudio has been violating PrusaSlicer AGPL license since their fork" for the explosive split on whether Chinese law makes GPL toothless. "Texas woman arrested for Facebook post about town water quality" for the debate on whether the arrest is the punishment, not the settlement. "The FBI Wants 'Near Real-Time' Access to US License Plate Readers" for the argument that town council seats are more powerful than Supreme Court rulings. "80386 microcode disassembled" for a 40-year-old security bug hiding in a die-scanning masterpiece. And "Oura says it gets government demands for user data" for the messy fight over who you should trust with health data—spoiler: nobody agrees.
Texas woman arrested for Facebook post about town water quality [comments]
699 points · 288 comments · reclaimthenet.org · 14h ago
A Texas woman was arrested on a felony charge for a Facebook post warning that residents had been hospitalized due to bacteria in the town's water — a claim the city says was false, even though the same city had issued a boil-water notice just weeks earlier. The thread immediately zeroed in on the First Amendment implications, with most calling it a clear overreach and an attempt to chill public speech about a genuine infrastructure failure. Several people pushed back on the idea that she’ll simply win a settlement and walk away, arguing that the arrest itself is the point: it signals to others that speaking up gets you a night in jail and a permanent record, regardless of the lawsuit's outcome. Others drew comparisons to their own similar experiences with police retaliation over public criticism, and a split emerged over whether this is a uniquely American problem or one common elsewhere, with some Europeans claiming this kind of arrest is routine overseas. A smaller contingent questioned whether she should have fact-checked her sources before posting, but the overwhelming consensus was that using a bomb-threat statute against someone repeating resident reports about discolored tap water is a textbook abuse of power.
BambuStudio has been violating PrusaSlicer AGPL license since their fork [comments]
398 points · 160 comments · sfconservancy.org · 23h ago
Josef Prusa publicly called out BambuLab for allegedly violating the AGPL license that covers PrusaSlicer, which BambuStudio is forked from, and pointed to a broader concern about Chinese law compelling companies to hand over data and encryption keys to the state. The HN thread immediately split into two camps: one side argued that open-source licenses are essentially unenforceable against a Chinese company, especially when consumers don't care and Western courts move too slowly to stop imports. The other side pushed back hard, pointing out that the SFC has active litigation against Vizio that could set real precedent, and that the license violation isn't about the plugin itself being closed-source — the real question is whether Bambu's networking binary gets dynamically linked in a way that constitutes a derivative work. A lot of commenters also called out Prusa for being hypocritical, noting that Prusa's own Connect cloud service routes all print data through Czechia with no offline fallback for full functionality, making the operational reality between the two companies harder to distinguish than Prusa wants to admit.
On The <dl> (2021) [comments]
386 points · 110 comments · benmyers.dev · 19h ago
The article makes the case for the underrated `<dl>` element, arguing it's the right semantic tool for any name-value pair pattern on the web, from product specs to D&D stat blocks, and it's a shame more developers don't reach for it. The thread lit up around two practical pain points: the surprising spec detail that you can only group `<dt>`/`<dd>` pairs inside a `<div>` (no custom elements allowed), and whether screen readers actually handle the thing correctly. Multiple people jumped in with CSS Grid tricks to style `<dl>` cleanly without those wrapper divs, while a separate faction pointed to recent accessibility audits showing support is "generally good" except for VoiceOver quirks, with a strong warning not to mangle the HTML trying to fix it. A long sidebar erupted about whether `<b>` vs `<strong>` is a meaningful distinction in 2025, complete with an ASCII art "see figure 1" meme, but the core split boiled down to: semantic HTML purists love `<dl>` for its machine-readable meaning, while the pragmatists say if the browser's assistive tech still treats it inconsistently, you're better off with a simpler pattern that actually works.
Time to talk about my writerdeck [comments]
362 points · 210 comments · veronicaexplains.net · 13h ago
The post details how Veronica Explains turned a six-year-old System76 laptop into a dedicated writerdeck by stripping it down to a console-only Debian setup with neovim and tmux, deliberately avoiding any desktop environment to break the muscle memory of distractions. The HN thread largely applauded the philosophy, with many diving into their own dream setups: a long tangent emerged around e-ink writing devices like the Freewrite Traveler and Boox Palma, though several people warned the Freewrite is overpriced, locked into a proprietary cloud ecosystem, and has a history of data loss. Others compared the blue-on-black terminal look to WordPerfect 5.1 on DOS and advocated for WordGrinder as a proper console word processor instead of just vim. A significant split emerged when one person argued that retreating into a distraction-free personal device is just internalized coping that won't fix the broader tech hellscape, which was met with firm pushback that collective action has already failed and that individual sovereignty over your tools is the only real leverage left.
Oura says it gets government demands for user data [comments]
271 points · 149 comments · this.weekinsecurity.com · 17h ago
The article reports that Oura, the health wearable company, receives government demands for user data but refuses to disclose how many requests it gets or how often it complies. The HN discussion immediately zeroed in on the article’s claim that Oura data isn’t end-to-end encrypted, with several people arguing the author conflated E2EE with encryption-in-transit and that Oura never claimed E2EE in the first place. A major split emerged between those who trust Apple with health data—pointing to Apple’s E2EE on iCloud and its public fights with law enforcement—and skeptics who note Apple’s encryption is only as good as the current political climate, especially after the UK encryption fight. Others pushed back on the entire premise, saying HIPAA is irrelevant here because Oura isn’t an insurer, and queued up open-source alternatives like the new Pebble Time 2 or Gadgetbridge as the only real way to keep health data off someone else’s servers entirely. The thread’s energy was less about the government demands Oura admitted to and more about the foundational architecture of these devices—everyone agreed the data is valuable and vulnerable, but no one agreed on who, if anyone, should hold the keys.
The Art of Money Getting [comments]
271 points · 149 comments · kk.org · 19h ago
The piece is Kevin Kelly's latest "Book Freak" digest of P.T. Barnum's 1880 lecture-turned-book *The Art of Money Getting*, which lays out twenty blunt rules for building wealth drawn from Barnum's own cycles of fortune and bankruptcy. The thread seized on the hardest rule first—"Don't Mistake Your Vocation"—and turned into a two-front battle about whether the Big Five personality traits actually predict career fit. One camp argued that low agreeableness and introversion are fine for engineers and lawyers, while others pushed back hard that those traits carry hidden costs and that a highly agreeable, extroverted, conscientious person is simply better suited to *all* employment. A separate faction piped up with the Felix Dennis book *How to Get Rich*, which got genuine respect for honestly detailing the personal costs of extreme wealth and then unexpectedly pivoting to poetry. The conversation also wandered into a surprisingly charged debate about using LLMs in retirement, with one retired dev insisting he uses ChatGPT like a "trusted advisor" for function-length snippets, while others questioned whether that approach yields any real understanding.
Italy moves to Airbus A330 tankers [comments]
254 points · 99 comments · www.euronews.com · 16h ago
Italy is buying six Airbus A330 MRTT tankers for €1.39 billion, formally abandoning an earlier plan to buy Boeing KC-46s and signaling a shift toward European supply chains within NATO. The Hacker News thread quickly turned into a broader autopsy of Boeing's decline — people pointed out that the KC-46 has been plagued by technical problems and delays for years, so this isn't just a political snub but a genuine industrial loss for Boeing. A lot of the pushback centered on the idea that Boeing's troubles predate any current US administration, with commenters arguing that the company's engineering culture has been rotting since the McDonnell Douglas merger. Others zoomed out further, noting that reliability of supply and maintenance chains now matters more than platform performance, especially after recent US political turmoil made American defense commitments look less dependable to allies. There was also some pedantic back-and-forth about whether it's fair to blame Boeing for engine failures or door plugs when Airbus has its own crash history, but the consensus was that Boeing's self-inflicted wounds — MCAS, quality control failures, short-termism — handed Airbus this win on a silver platter.
80386 microcode disassembled [comments]
246 points · 46 comments · www.reenigne.org · 19h ago
The 80386's microcode ROM, a sprawling 94,720-bit instruction table, has been painstakingly extracted from a high-resolution die image and disassembled, revealing the internal micro-operations that drove Intel's iconic processor. The project became a months-long detective story: collaborators used neural networks and manual pixel-poking to extract raw bits from the ROM photo, then reverse-engineered the undocumented microcode instruction format by inferring field boundaries from patterns and cross-referencing with die traces from Ken Shirriff. The conversation quickly turned to the practical how-to, with several people who worked on the extraction walking through the grueling process of classifying 1s and 0s by transistor presence in blurry mosaic images, then using educated guesses about field formats and known register encodings to puzzle out the microcode language. A major discovery got its own spotlight—the microcode reveals a 40-year-old security bug where a 4-byte I/O port access only checks permission bits for the first three addresses, potentially letting the final byte slip past protection. The thread also split on pedagogy: while some celebrated the work as "peak HN" and a product of hard-won university knowledge, others pushed back hard, arguing that studying needlessly complex backward-compatible designs like the 80386 isn't the best route to understanding microcode, and pointing to simpler paths like building your own CPU from gates or working through nand2tetris.
I Miss Terry Pratchett [comments]
232 points · 232 comments · www.mahl.me · 19h ago
The author Georges wrote a personal essay about discovering Terry Pratchett as a teenager in a French classroom and what it means to miss both the man and the next book that will never come. The HN thread split hard on the article itself: a significant chunk of the discussion is people arguing the essay was written by an LLM, pointing out specific sentences that have the cadence of Pratchett but collapse under scrutiny—lines like "A complete cosmology. Most physics departments would settle for that" being eight words, not nine, and nonsensical as a joke. Others pushed back, saying those are just amateurish attempts at Pratchett's voice, not AI, and that accusing everything of being slop is its own kind of poison. The more productive tangent was people discussing how prescient Pratchett's golems from *Feet of Clay* were as a metaphor for LLMs—golems powered by words of purpose in their heads that are treated as appliances rather than sentient beings, right down to the system prompt parallel—and how badly they wished he were alive to write about today's world.
US tech firms share Dutch regulator officials' names with Senate [comments]
211 points · 152 comments · www.dutchnews.nl · 21h ago
US tech firms like Microsoft and Meta handed over the names of Dutch civil servants and academics who work on European tech regulation to a U.S. Senate committee investigating "jawboning," potentially exposing those officials to travel bans or sanctions. The Dutch cabinet called this "extremely worrying," but the thread zeroed in on the country's utter dependence on American cloud infrastructure—the tax office is switching to Microsoft despite MPs' concerns, and a critical Dutch cloud provider used for the national ID system is about to be sold to a U.S. company. Most commentators dismissed the outrage as performative, arguing the Dutch government constantly talks about European digital sovereignty while doing the exact opposite behind the scenes to please the U.S. and big business. A significant split emerged over whether this is a uniquely Dutch failure or a symptom of the EU's deeper structural inability to prioritize strategic independence over short-term corporate convenience, with some contending the bloc has been in a local political minimum for decades, unwilling to absorb the cost of change.
Microsoft open-sources "the earliest DOS source code discovered to date" [comments]
206 points · 45 comments · arstechnica.com · 6h ago
Microsoft just open-sourced what it calls the earliest known DOS source code—86-DOS 1.00 kernel plus early PC-DOS snapshots—manually recovered from Tim Paterson's deteriorating paper printouts because the code never existed in digital form. The thread mostly bypasses nostalgia for DOS and zeroes in on a grumpy generational debate: older devs arguing that starting with low-level bare-metal coding made you understand actual computers, while modern programmers stacking libraries and AI tools are churning out monstrosities. A smaller contingent is more interested in whether this means old Windows source code might eventually follow, with one faction pining for a Windows 2000 source release and another pointing out leaks already exist. The practical takeaway from the historians in the thread is that paper listings surviving poorly-scanned dot-matrix text is proof of nothing—the code was obviously digital once, and this was just the only surviving physical copy of a snapshot nobody bothered to keep on floppy.
The FBI Wants 'Near Real-Time' Access to US License Plate Readers [comments]
193 points · 87 comments · www.wired.com · 18h ago
The linked article wasn't available to this summarizer; from the discussion, the FBI is pushing for near real-time access to the network of automated license plate readers already installed by local police and private companies across the US. The thread quickly pivots away from the technical or legal specifics of the FBI’s request and into a fierce debate about the power of local politics as the primary lever for resistance. A strong consensus argues that the most effective counter is to ban the *installation* of these cameras at the town or county level—if the data is never collected, the feds can't vacuum it up—with multiple people insisting that running for school board, town council, or mayor gives you real, immediate influence that most people drastically underestimate. This sparks a pointed, sprawling argument about car-dependent infrastructure itself being a freedom issue, with one side contending that driving a registered vehicle forfeits more civil rights than walking or using transit, while others push back hard on the impracticality of that view outside dense urban cores and the rise of facial recognition surveillance making the comparison moot. The thread also splits sharply on automated enforcement in general: some see it as a necessary tool against rampant traffic crime, while others view any expansion of the surveillance apparatus as a direct threat that the courts, despite prior Supreme Court rulings against warrantless tracking, are unlikely to stop.
Wake up! 16b [comments]
191 points · 12 comments · hellmood.111mb.de · 7h ago
A detailed writeup breaks down how a 16-byte x86 real-mode DOS demo generates an infinite Sierpinski fractal on screen while simultaneously producing self-similar audio through the PC speaker. The crowd is absolutely floored — multiple people call it obscene, a masterpiece, and say they can barely accept it's possible. Several initially mistook "16b" for a tiny LLM parameter count, which made the actual demo feel even cooler. The comments quickly pivot into a broader appreciation of demoscene artistry, with one person noting the contrast between this elegant 16-byte hack and the bloated Electron apps that would need 300MB to do far less. Another rabbit hole led to two people building a Sierpinski triangle with recursive PowerPoint presentations, and someone got hypnotized by the related "rainbow surf" demo, showing the thread is less about technical critique and more about communal awe.
Amazon Web Services – Four Years and Out [comments]
179 points · 46 comments · www.adventuresinoss.com · 3h ago
A departing AWS employee recounts their four-year stint on the open source strategy team, describing how organizational chaos and a frantic pivot to GenAI crushed the customer focus they were hired to improve. The thread latches onto the author’s observation that Amazon treats employees as fully fungible, with several people arguing this mindset is just late-stage capitalism being honest rather than unique to Amazon, while others push back that the company's "experiment fast" ethos was always Bezos’s playbook—and it worked because they could afford to swing and miss. The story of the author restoring a decade-old suspended account for a customer in northern Africa becomes a flashpoint: a few call it heroic, but a harsher take says it proves the support system is so broken it takes a rogue insider to do the basic job, and that publicly apologizing to the customer got him fired. A significant side argument erupts over whether AWS was actually revolutionary for provisioning—old hands insist you could rent VMs years earlier for less money, and that Amazon’s real innovation was just making server admin unnecessary, not the VMs themselves. The broader anxiety running through the comments is that the whole industry is trying to make engineers fungible too, and that the “vibe coding” culture is already trashing software quality, with nobody confident that labor will claw back power this time.
Making deep learning go brrrr from first principles (2022) [comments]
168 points · 62 comments · horace.io · 20h ago
Horace He's guide breaks down deep learning performance into compute, memory bandwidth, and overhead, showing how operator fusion (chaining pointwise ops like `x.cos().cos()` into a single kernel) can nearly cut memory-bound costs in half by avoiding intermediate global-memory roundtrips. The thread immediately dove into a semantic scrap over the article's claim that "in the time Python does one FLOP, an A100 can do 9.75 million" — people argued it's a category error to compare a language to a GPU, though others pushed back that the figure of speech is pointing out the vast gulf between Python overhead and specialized hardware throughput. Several commenters then turned the comparison on its head, noting that modern CPUs like the AMD EPYC 9965 or Intel Xeon 6980P actually exceed the A100's FP32 and FP16 theoretical FLOPs respectively, though those CPU numbers are heavily memory-bandwidth constrained while GPUs maintain a massive advantage in usable throughput for matrix operations. A separate side-argument emerged around double descent, where one person corrected the notion that LLMs operate in that regime — they're actually in the classical first descent setting since they have more training tokens than parameters.
Toxic chemical leak at a manufacturing facility in Orange County [comments]
150 points · 130 comments · www.bbc.com · 9h ago
The BBC reports on a state of emergency in Orange County, California, after a 7,000-gallon tank of methyl methacrylate at a GKN Aerospace facility began dangerously overheating, threatening to either rupture or explode. The Hacker News thread immediately dove into the physics of the crisis, with knowledgeable commenters explaining that crews *have* been spraying the tank with water, but the chemical is undergoing an exothermic polymerization reaction that is self-sustaining and largely insulated by the solidifying plastic, making ambient-temperature water largely ineffective for cooling the core. A sharp debate broke out about whether zoning laws failed here, since 40,000 residents were evacuated from within a potential blast radius, with one side arguing this is the inevitable result of Southern California’s decades-old mixture of aerospace manufacturing and housing, while others countered that the plant was there first and that the real failure was inadequate engineering safeguards and contingency planning for a known hazard. Several commenters pointed to the Chemical Safety Board’s youtube channel, predicting that if an investigation happens, it will find poorly maintained valves and a lack of on-site countermeasure systems were the root cause rather than a random "accident." The thread also took a sardonic tangent about how the nearby Disneyland service economy is essentially just as responsible for the area's population density as the defense industry.
--dangerously-skip-reading-code [comments]
138 points · 134 comments · olano.dev · 22h ago
The post argues that as LLMs generate code faster than humans can review it, teams should shift from reviewing code to rigorously specifying behavior in Markdown, making the spec the unit of accountability. The HN thread largely pushed back hard on this vision, with many pointing out that verifying code conforms to a natural-language spec is both theoretically impossible (Rice’s theorem, the halting problem) and practically indistinguishable from hoping an LLM doesn’t make subtle, human-invisible errors. Several commenters likened it to the failed promises of CASE tools, UML, and "software through pictures," noting that every attempt to let non-programmers specify software rigorously has just produced a new programming language. A recurring counterargument was that humans are actually *worse* than machines at catching the kinds of edge-case bugs LLMs produce, so handing over review to product managers or higher-level agents just shifts the bottleneck without solving it. Even the practical example was dunked on: someone noted that Anthropic couldn’t get Claude to build a working C compiler, which has a far tighter spec than any business requirement document.
Electrobun 2.0 will be decoupled from Bun due to the Rust rewrite [comments]
130 points · 143 comments · twitter.com · 20h ago
The linked article wasn't available to this summarizer; from the discussion, Electrobun 2.0 is being rewritten in Rust and decoupled from Bun, with the core controversy being that the rewrite was largely done by AI agents in about a month. The HN thread is split between people furious about the reckless speed and lack of human review—arguing that testing alone can't catch everything and that this erodes trust in a runtime—and those saying this is the future of software development, drawing analogies to how manufacturing doesn't review every weld. A major sub-argument is that the real problem isn't the vibe-coding itself but the complete lack of transparency and comms from the Bun team, with one top comment calling it a "comms problem, not a technical problem" that could kill the project. There's also a persistent side debate comparing npm's ongoing security disasters to the overreaction around Bun, with some noting the irony of trusting npm's tangled dependency hell while panicking over this rewrite.
ICE Awards $25M Iris-Scanning Contract to Bi2 Technologies [comments]
129 points · 37 comments · www.projectsaltbox.com · 8h ago
ICE has finalized a $25 million no-bid contract with Bi2 Technologies for iris-scanning equipment and a database of over five million booking records, with no security review, independent audit, or congressional oversight required. The discussion on HN immediately zeroed in on the no-bid nature of the deal and the lack of FedRAMP clearance, with several people arguing this isn't a loophole—it's just how federal procurement works for non-DoD agencies, and the real failure is the absence of a general software building code. A major split emerged between those who see this as terminal proof that the U.S. government is irredeemably corrupt and those who insist institutional recovery is possible, though both sides seem to agree the scale of grift is staggering. Some commenters dug into the physical footprint of Bi2 Technologies, finding what looks like a tiny office with a single Dell PowerEdge server, and drew direct lines to the Trump administration's pattern of awarding massive contracts to shell companies. A separate legal argument broke out over whether forcibly scanning someone's iris in the field constitutes an illegal search or just high-tech face recognition in public, with no clear consensus on where the Fourth Amendment line actually lands.
z386: An Open-Source 80386 Built Around Original Microcode [comments]
127 points · 30 comments · nand2mario.github.io · 17h ago
The linked article describes an open-source FPGA implementation of an Intel 80386, built by reverse-engineering and running the original chip's microcode, which can boot DOS and play Doom at 16.5 FPS. The HN discussion quickly zeroed in on the technical feat, with people impressed that the whole thing fits in just 18K LUTs on a modern FPGA, though a direct comparison shows a RISC-V core like VexRisc achieves similar capability in under 3K LUTs at a higher clock speed. The more animated conversation drifted entirely away from the project itself into a debate about the real-world afterlife of 386-class machines, with a strong consensus that countless industrial and embedded systems (donut shops, auto body shops, school HVAC) still run on old x86 hardware, often with a tortured justification for why replacing a single-maintainer Amiga system with a $1.5M contract-supported solution was actually the rational move. A commenter also noted that a 386 is a much easier target than a Pentium for an FPGA FPU, explaining that Quake needs the faster CPU before a floating-point unit even becomes worth implementing.
Scammers are abusing an internal Microsoft account to send spam links [comments]
124 points · 38 comments · techcrunch.com · 7h ago
Scammers have been exploiting an internal Microsoft email address, [email protected], which is normally used for legitimate account alerts like two-factor codes, to blast out phishing links. The discussion quickly zeroes in on the root cause: Microsoft apparently lets users customize the message body in its automated notification systems without proper guardrails, turning a feature into a spam pipeline. People are drawing parallels to similar abuses of freeform text fields at PayPal and Booking.com, where scammers insert convincing but fake messages into legitimate transactional email templates. Several commenters also point out the broader insanity of Microsoft’s sprawling, untracked domain portfolio, arguing that if the company can’t even publish a definitive list of its own email domains, expecting users to "check the sender address" is a joke. A recurring frustration is that this isn't a novel exploit—someone even links to the FBI getting hit by the same kind of automated-system abuse years ago—so Microsoft's reactive "we're investigating" stance looks weak.
Why is Vivado 2026.1 dropping Linux support for free tier? [comments]
104 points · 20 comments · adaptivesupport.amd.com · 3h ago
The linked article is an AMD support forum thread where a user angrily asks why Vivado 2026.1 is dropping Linux support for the free Basic tier while keeping Windows support. The HN thread bypasses the forum's official moderator response—which repeatedly dodged the Linux question by talking about student licenses and Windows usage stats—and zeroes in on the core grievance: AMD is using its captive FPGA developer base to extract $1,200+ for something that costs them nothing to support. Several people note this is a direct gift to open-source FPGA toolchains like nextpnr and F4PGA, which are already leaping ahead, and one experienced user argues the real pain isn't even the cost—it's the bureaucratic hassle of getting POs approved for licenses just to set up a CI pipeline or onboard an intern. The split is between those who see this as a short-sighted cash grab from the "MBA crowd" post-AMD-acquisition and a minority pointing out that if Linux users actually paid for software, vendors wouldn't have a reason to pull this stuff.
Ebola Outbreak Now Third Largest Recorded and "Spreading Rapidly" [comments]
102 points · 108 comments · arstechnica.com · 16h ago
The linked article reports that a new Ebola outbreak in the Democratic Republic of the Congo—caused by the rare Bundibugyo virus with no approved vaccines—has become the third largest on record, with nearly 750 cases and 177 deaths, spreading rapidly through a region already wracked by armed conflict and weak health systems. The HN thread split sharply, with one camp arguing the risk of global spread is minimal since Ebola requires direct contact with bodily fluids and infected people become immobile, while others pointed to the lack of asymptomatic transmission as cold comfort. A major recurring argument centered on how the US gutting USAID and the CDC, and withdrawing from the WHO, directly contributed to the detection delay, with the article quoting experts saying the outbreak is spreading via "the global withdrawal of it." Others pushed back against those calling this a familiar "fear cycle," arguing that this specific attitude is the reason the guardrails got removed in the first place. There was also a persistent meta-thread about media bias, where people debated whether the outbreak would get wall-to-wall coverage if it were in Europe, with some citing how the Wuhan and Marburg virus namings revealed ingrained biases in how the West pays attention to distant outbreaks.
Don't Roll Your Own [comments]
101 points · 87 comments · susam.net · 9h ago
Susam Pal posted a rant arguing that web developers should stop overriding native browser behaviors like scrolling, link navigation, text selection, copy-paste, password fields, and date pickers, comparing it to the cryptographic principle of not rolling your own crypto. The thread largely agreed with the premise, but the date picker debate split the room — several people defended custom date pickers as better than the clunky, unstyled browser defaults on desktop, while others countered that every custom date picker inevitably breaks for some region or locale. The discussion then spiraled into a deeper argument about whether JavaScript itself was a mistake, with one camp arguing that browsers should never have let scripts intercept basic user actions like copy and text selection, and the other camp pointing out that Google Docs and similar apps would be impossible without that capability. A recurring side tangent blamed middle management and designers for the worst offenses, though a few commenters admitted that even their own teams’ custom implementations had sucked in specific ways.
Reverse engineering circuitry in a Spacelab computer from 1980 [comments]
101 points · 21 comments · www.righto.com · 15h ago
A detailed blog post reverse-engineers the circuit boards of a French-built Mitra 125 MS minicomputer used in Spacelab in the 1980s, a 16-bit machine built entirely from simple TTL chips like the 74181 ALU rather than a microprocessor. The author, who is also posting in the thread, fields specific technical questions about memory management, revealing that the Mitra 125 implemented memory segmentation with base-address-and-length descriptors, similar to x86-style protected mode rather than simpler paging. The discussion splits over the PCB construction: one skeptic argued the grid of 0.1-inch holes and two-layer design were relics of older drilling limitations, but the author counters firmly, pointing out that the boards are from 1980, are definitely multi-layer, and that non-regular hole patterns were trivial by then—citing Altair and Apple I boards as evidence. Another tangent covers the software stack, where it emerges that the Spacelab computer ran HAL/S, the same high-level assembly language used on the Shuttle’s IBM AP-101, which surprised some who assumed the Europeans would have chosen something else.
'Fuck you, Bambu': How one private message could change the face of 3D printing [comments]
99 points · 60 comments · www.theverge.com · 3h ago
The article covers Bambu Lab, a leading 3D printer manufacturer, facing a community backlash after sending a developer a private Reddit message demanding he take down code that let users control their printers without Bambu's proprietary software—code they consider a violation despite relying on open-source code themselves. The HN thread went hard on the specific legal argument: Bambu's claim that the developer's tool "impersonates" their software by using the same user-agent string, which commenters shredded as absurd given that Bambu itself publishes that string in open-source code, comparing it to leaving a key in public and then crying theft. A huge chunk of the discussion pivoted to printer recommendations, with a clear split between those who argue Prusa is still the only ethical, repairable choice despite the price premium, and others insisting Chinese brands like Elegoo and Creality now "just work" out of the box for a fraction of the cost—though several people pushed back hard, noting those alternatives often have the same cloud-lock-in and proprietary BS. The thread also dug into the contradiction that the community is pouring money into defending a tool that makes Bambu's printers more valuable, but the consensus seemed to be that the real win is establishing a legal precedent that open-source licenses matter, even if it means a company has to rewrite its own code.
Justice Department scrubs its website of news releases about Jan. 6 defendants [comments]
98 points · 11 comments · apnews.com · 7h ago
The AP reports that the Trump Justice Department has scrubbed its website of news releases about Jan. 6 defendants, calling the information "partisan propaganda," and has created a $1.776 billion fund to compensate Trump allies who feel they were unjustly prosecuted. The HN thread largely treats this as a straightforward confirmation that the administration is rewriting history and moving toward autocracy, with several people noting that the real purpose of the slush fund isn't to reward the last insurrection but to incentivize the next one—buying loyalty for future repression. One branch of the discussion pivots to frustration that the Internet Archive is chronically underfunded while wealthy tech figures who rely on it do nothing, with the implication that if the web's power users won't preserve its history, the kind of information erasure seen here becomes permanent. Another commenter argues that the only way back is through Nuremberg-style trials and constitutional amendments, but acknowledges that won't happen until the MAGA base wakes up, which likely requires things getting much worse first. A few people are more blunt, drawing direct comparisons to Kim Jong Un's playbook for securing military compliance and a financial reward system.
Judson's Last Ride [comments]
91 points · 4 comments · www.realclearpolitics.com · 19h ago
The article is a personal essay from Sean Trende at RCP about his profoundly autistic son Judson’s last day of high school, covering the family’s long journey through therapies, school vouchers, and the quiet heartbreak of never having a real conversation with him. The thread is unusually sparse and subdued for HN—only a handful of comments, all of them personal and earnest rather than analytical or corrective. One person shares that Judson sounds exactly like their own twin brother, noting they grew up saying “autistic retarded” but acknowledging that language is now outdated, while another simply says they’re glad the internet still holds space for stories like this. No one challenges Trende’s politics or digs into the policy implications of Ohio’s voucher program; instead, the thread stays entirely on the human experience, treating the piece as a sincere tribute worth sitting with quietly.
Air France and Airbus found guilty of manslaughter over 2009 plane crash [comments]
76 points · 43 comments · www.bbc.com · 11h ago
A French appeals court has convicted both Air France and Airbus of manslaughter for the 2009 crash of Flight AF447, which killed 228 people after the Airbus A330 stalled during a storm and plunged into the Atlantic. The thread quickly split into two camps: one arguing that the real culprit was the co-pilot who inexplicably held the stick back during a stall—basic flying 101 that any pilot should know—and the other pointing out that the companies knowingly let a known, dangerous sensor failure fester without adequate fixes or training, making this a systemic failure rather than just individual error. Several people pushed back hard against the idea that Airbus is blameless, noting the plane’s automation had a perverse failure mode where pulling the nose up silenced the stall alarm while the correct response (pushing down) triggered it, effectively punishing the right action. A side tangent emerged comparing this to Boeing’s 737 MAX fraud plea, with some claiming the US company got off easier despite two crashes and whistleblower deaths, while others countered that a €225,000 fine is a token slap that treats 228 lives as an accounting cost.
JWT is a scam and your app doesn't need it [comments]
72 points · 63 comments · www.dusanmalusev.dev · 14h ago
The post argues that JWT is a cargo-culted technology most apps don't need—it can't be revoked without server-side storage (defeating its stateless promise), refresh tokens just add complexity, and the supposed performance gain over opaque tokens is negligible. The Hacker News crowd split hard: a vocal camp pushed back that JWTs are perfectly fine for multi-service SSO across different domains or heterogeneous backends, where session cookies don't cut it, while others countered that any regular token or auth server solves that same problem without the JWT baggage. A major sub-debate erupted around revocation—someone insisted short expiries (like 15 minutes) make revocation irrelevant; opponents shot back with a concrete Discord malware scenario where a stolen JWT gives an attacker a full hour to wreak havoc while the victim can't invalidate the session, and the IP-binding fix was quickly dismantled by mobile-network reality. The thread also got meta-ugly: several people accused the author of using an LLM to write the article, pointing to tell phrases and stilted prose, which the author denied as a non-native English speaker who "vibe coded" the site but insists the content is original.
Generated 2026-05-24 08:23 UTC
Generated by Sauron from Hacker News discussions and linked articles.