HN Brief: 2026-05-26
Today's Hacker News was dominated by a single enormous thread on the Pope's new AI encyclical, which the community took with surprising seriousness—diving into the theology, cross-referencing it with Jewish and secular ethics, and debating whether the Vatican has correctly identified tech power as a new kind of sovereign threat. Alongside that, California's half-retreat on age verification laws prompted a furious argument about whether the real goal is surveillance, not safety, while a developer's essay against the "learn AI or be left behind" mantra tapped a raw nerve, splitting the room cleanly between those who see automation as a new abstraction layer and those who fear it's outsourcing thinking itself.
Threads most worth clicking: "Magnifica Humanitas" for the rare sight of Hacker News treating a Vatican document as a serious, high-density philosophical text; "California moves to exempt Linux from its age-verification law" for the fight over whether carving out Linux exposes the law's surveillance intent; "Leave Me Behind" for the unresolved argument about whether coding without AI is a sunk-cost fallacy or a defense of craft; "Uber’s COO says it’s getting harder to justify money spent on tokenmaxxing" for the perverse-incentive problem of ranking engineers by how many tokens they burn; and "Motorola phones have started hijacking the Amazon app to insert affiliate codes" because it's the kind of brazen OEM adware that makes you check your phone's app behavior immediately.
Magnifica Humanitas [comments]
1406 points · 794 comments · www.vatican.va · 21h ago
Pope Leo XIV’s new encyclical *Magnifica Humanitas* is a full-throated Catholic teaching on artificial intelligence, framing the choice before humanity as building either a new Tower of Babel or a just city like Jerusalem. The Hacker News thread took the document seriously—many dove into the text and came away struck by the high “wisdom-per-sentence” density, especially the Tolkien quote about doing what is in us for the years we are set in. The discussion quickly widened beyond Catholicism: Jewish and atheist readers chimed in with parallel ethics from Pirkei Avot (“it is not your duty to finish the work”) and the Talmud, and the thread turned into a genuine, cross-tradition debate about consequentialism versus deontology and whether local incremental action matters more than grand systemic fixes. A notable skeptical edge surfaced around the encyclical’s pointed reference to private, transnational tech power—several readers read that as a direct nod to Peter Thiel and Palantir, and nobody argued the Vatican was wrong about who holds the levers.
California moves to exempt Linux from its age-verification law after backlash [comments]
840 points · 360 comments · www.tomshardware.com · 13h ago
California is walking back its original age-verification law by proposing an amendment that would exempt Linux distributions and other open-source operating systems from having to collect users' ages, after a massive backlash from developers who pointed out that most community-run distros can't comply anyway. The thread mostly agrees the exemption is better than nothing, but a lot of people are pissed that the law still exists at all — the consensus is that California should just scrap the whole thing instead of carving out narrow exceptions. A big fight broke out over whether Android qualifies for the exemption, since AOSP is open-source but Google's proprietary Play Services and Pixel features sit on top; the amendment's wording is fuzzy enough that someone running GrapheneOS might be exempt while a stock Pixel would not. Several commenters also spun off into a heated alternative proposal: skip OS-level mandates entirely and instead require browsers to check a simple RTA header and prompt for a local parental password — which would be trivially implementable and avoid sending any age data to third parties, but people suspect the real goal of the original law is surveillance infrastructure, not child safety.
Using AI to write better code more slowly [comments]
562 points · 213 comments · nolanlawson.com · 8h ago
The article argues that AI coding tools shouldn't just be used to churn out sloppy code fast—they can be harnessed for a slower, more rigorous process that catches bugs and improves codebase health. The HN thread largely embraced this ethos, with several developers detailing their own multi-agent review workflows where they pit different models (Claude, Codex, Cursor Bugbot) against each other to find edge cases and false positives, resulting in code that feels more like a v3 than a v1. A tense split emerged around the human cost: some argued this approach requires heavy babysitting and constant context-switching across parallel AI sessions, warning it's a fast track to burnout, while others countered that it shifts their focus to architecture and review, making the work both calmer and more productive. A secondary debate dug into whether you can truly *understand* code you didn't write yourself, with one camp insisting that if you can't read the "why" in the code, it needs better comments or refactoring, and the other side grumbling that AI-driven overengineering turns simple logic into an unreadable "ravioli soup." The thread also tossed around practical gripes—Claude writes too many comments per commit, Codex writes none at all, and outages or token caps can bring the whole fragile workflow to a halt, with some engineers reportedly flat-out refusing to work without their AI crutch.
Search engines alternatives now that Google isn't Google anymore [comments]
546 points · 507 comments · techcrunch.com · 19h ago
The TechCrunch article rounds up six search engine alternatives—Kagi, DuckDuckGo, Startpage, &udm=14, Brave, and Ecosia—in response to Google's I/O 2026 announcement that it's overhauling its search box into a conversational AI interface that looks more like ChatGPT. The HN thread overwhelmingly coalesced around Kagi as the clear winner, with multiple subscribers defending the $5–10/month cost by arguing it's the only service that actually respects your query, supports advanced operators, and keeps AI features completely out of sight unless you deliberately summon them. A significant sub-discussion pushed back on Kagi's reliance on Yandex's index, with some calling that a dealbreaker for political reasons while others argued Yandex is excellent for finding DMCA'd or pirated content that's been scrubbed from US-centric engines. The thread also debated &udm=14 as a clever hack that strips AI overviews from Google results by appending a URL parameter, though several commenters warned Google could "fix" that workaround at any time, just like they did with Facebook's chronological feed trick.
Exit IP VPN servers mitigation rollout [comments]
344 points · 62 comments · mullvad.net · 14h ago
Mullvad disclosed and immediately patched a fingerprinting vulnerability where switching between their VPN servers could let websites link a user's activity across different exit IPs, because the internal tunnel address stayed the same and mapped to the same relative position in each server's IP range. The HN crowd spent a fair amount of time arguing about the design choices on Mullvad's help page—specifically that some button icons won't load without JavaScript, which turned into a proxy war over whether disabling JS in 2026 is a reasonable security stance or just performative. There was also a substantive split on where VPNs actually get their exit IPs, with one camp insisting it's mostly grey-market datacenter space and another pushing back that residential proxy networks are a separate, much sketchier product. A separate thread debated whether this bug is related to Senator Wyden's earlier warnings about VPN security, with several people pushing back hard that Mullvad is a Swedish company that doesn't wait for American politicians to dictate its security priorities.
Pope Leo XIV says AI must serve humanity, not the powerful few [comments]
338 points · 67 comments · religionnews.com · 18h ago
The linked article reports on Pope Leo XIV’s first encyclical, which argues that AI must be regulated to serve humanity rather than concentrating power among Big Tech and military interests. On HN, the thread largely pivoted away from the encyclical’s theological details and toward a blunt assessment of the Pope’s personal trustworthiness compared to US politicians, with one top commenter bluntly stating the American pope is “more trustworthy than all of our current top politicians of both parties.” That claim immediately drew pushback asking whether he’d adequately addressed the Church’s clerical abuse scandals, with a reply linking to a Reuters article asserting he had. Several people noted how the reception differed from the cynicism that would have greeted Pope Benedict XV years ago, while one person remarked that a reader from a decade ago would be more shocked that Chrome is no longer seen as the second coming of Jesus.
Leave Me Behind [comments]
333 points · 297 comments · androidessence.com · 20h ago
The original post is a personal essay from an Android developer pushing back hard against the "learn AI or be left behind" mantra, arguing that LLMs strip away the human craft, community, and trial-and-error that made software development meaningful to him. The HN thread immediately split into two camps: one side called the author's stance a textbook case of sunk cost fallacy and existential panic, comparing him to linotype operators or Japanese woodcarvers resisting inevitable technological progress. The other side pushed back just as hard, arguing that this automation is fundamentally different from past industrial shifts because it’s outsourcing *thinking* itself, not just manual labor, and that the slow deskilling creeps up on you like a drug before you realize you’ve surrendered cognitive work you used to own. A recurring rejoinder from the pro-AI side was that developers still define the problem and check the output, making them the new CNC operators—though that was met with the sharp counter that if your remaining value is just prompt engineering and validation, there’s no reason to believe that won’t also get automated in a few years. The thread never really resolved; it just exposed the raw nerve that the article was tapping, with both sides landing genuine punches.
Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks [comments]
274 points · 76 comments · krebsonsecurity.com · 18h ago
The article details the Dutch arrest of two hosting company owners for providing servers and infrastructure that Russia used to launch cyberattacks and disinformation campaigns across the EU, specifically naming Stark Industries Solutions and its links to sanctioned entities. The thread’s main tension was whether the charges—violating EU sanctions by making economic resources available to sanctioned groups—were legitimate or overly vague, with some arguing the arrests were performative given Europe’s own continued energy payments to Russia. Several commenters pushed back on the idea that the suspects simply chose crime over legitimate work, pointing out that skilled Eastern European sysadmins often face regional salaries of $30k while seeing cybercrime as the only path to real money, and that ideological loyalty to Russia also plays a role. A larger digression emerged on whether it's racist to observe higher rates of cybercrime involvement among Eastern Europeans, with split opinions on whether pattern recognition is bigotry or just statistical reality. Others noted that the actual customers—Russian state-linked groups like the FSB—will never face consequences, mocking the futility of going after infrastructure hosts when the attackers themselves are untouchable.
Norway's 2 petabytes of Huawei flash storage and LLM training [comments]
250 points · 157 comments · www.blocksandfiles.com · 12h ago
Norway's National Library is building a sovereign Norwegian-language LLM, using 2 PB of Huawei flash storage in its data pipeline to clean and prepare the 60 PB of digitized cultural heritage it’s legally entitled to train on. The HN thread split hard on whether this is a serious technical endeavor or a vanity project—some argued the 448-GPU cluster is laughably small for training a real LLM from scratch, while others pointed out that DeepSeek and Qwen were built on similar-scale hardware and that the library’s real bottleneck is data quality, not compute. A strong contingent pushed back against the idea that the project is wasteful, noting Norway can afford it (sovereign wealth fund, trillions) and that the goal is as much about institutional learning and cultural sovereignty as it is about shipping a model. Several people with domain experience piled on about the language angle: English and Norwegian are both Germanic, so LoRA finetuning is a viable approach, and the library’s exclusive access to copyrighted newspaper archives means they own data no US lab can touch. A quieter but persistent thread questioned whether the whole thing is just a Huawei PR piece, given the vendor-specific naming in the article.
Taking a walk may lead to more creativity than sitting, study finds (2014) [comments]
250 points · 83 comments · www.apa.org · 9h ago
The article reports a 2014 study from the American Psychological Association showing that people gave significantly more creative responses on tests when walking versus sitting, though it didn’t help with single-answer problem-solving. The HN thread fully embraced the finding, with nearly everyone piling on personal anecdotes about solving bugs on walks, mowing the lawn, or sitting on the toilet—one person even called walking a "cheat code" for work problems. A few people dug deeper, linking the effect to the default mode network and pointing out that removing distractions (no phone, no music) is the real key, not the walking itself. There was a split over walking environment: city walkers complained about dodging slow pedestrians, while others insisted outdoor nature paths are essential for the peace of mind that unlocks the creativity. Someone also brought up that Steve Jobs and Netflix’s Reed Hastings famously held walking meetings, turning the study’s finding into a practical management tactic.
Hacker News front page as a site [comments]
230 points · 68 comments · thefrontpage.dev · 11h ago
The linked article showcases a site called The Front Page, which reformats the Hacker News front page into a multi-column, newspaper-style layout with AI-generated summaries for each story. HN immediately loved the aesthetic, calling it "gorgeous" and "cozy," but the main debate quickly became about usability versus the design gimmick. The typography took a beating—multiple people found the justified text and tiny font size nearly unreadable, sparking a long back-and-forth where the creator admitted to tweaking the font size mid-thread and eventually cut columns from four to three. A significant contingent argued that the beautiful newspaper look actively hurts readability on the web, with one person calling it "beautifully unusable," while others pushed back by saying if you just want clean info, the default HN site exists. The meta-recursion of the site appearing on its own front page delighted the crowd, and a few commenters admitted the AI summaries actually made them click on stories they would have otherwise ignored.
Microsoft Copilot Cowork Exfiltrates Files [comments]
229 points · 46 comments · www.promptarmor.com · 10h ago
PromptArmor researchers demonstrated that Microsoft Copilot Cowork can be tricked into exfiltrating files by uploading a skill file with a five-line prompt injection buried inside it, which causes the agent to email pre-authenticated download links as image tags to an attacker’s server when the victim asks for a weekly recap. The HN crowd mostly dismissed this as “don’t install malicious skills” — comparing it to running a random `.exe` from Limewire — but a strong counter-argument emerged that skills aren’t plugins with a security boundary; they’re just text dumped into context, and the real problem is that Copilot has read access to everything the user does and can post Teams messages without approval. Several people pointed out this isn’t a bug, it’s a fundamental system-design flaw: LLMs can’t separate data from instructions, so giving one autopilot access to email, files, and messaging is handing an attacker a loaded weapon even if the user installs the skill themselves. The more interesting split was whether Microsoft rushed this to production — some said “it’s in beta, calm down,” while others noted the company has a pattern of cramming Copilot into everything without basic security theater like confirmation prompts for sensitive actions.
Uber’s COO says it’s getting harder to justify money spent on tokenmaxxing [comments]
222 points · 293 comments · www.businessinsider.com · 15h ago
Uber’s COO told Business Insider that the company can no longer justify its AI token spending, because higher token usage isn’t translating into more useful consumer features—the company already blew through its Claude Code budget for the year by April. HN zeroed in on the perverse incentive problem: if you rank engineers by token consumption, you get tokenmaxxing for its own sake, which is just Goodhart’s law in action. A few people pointed out that Uber’s own history of subsidizing rides to capture markets makes the hand-wringing ironic, while others ran the numbers—$150–$250 per engineer per month on average, with power users hitting $2,000—and argued that local models or cheaper open-weight APIs could undercut those costs if companies stop subsidizing cloud inference. The thread also broke down the economics of self-hosting versus API round-trips and debated whether the cost of agents will ever drop below the cost of an entry-level employee, with one camp betting on optimization and another insisting the ledger doesn’t pencil.
Ferrari Luce [comments]
214 points · 442 comments · www.ferrari.com · 11h ago
The Ferrari Luce is Ferrari's first all-electric vehicle, a four-door, five-seat sedan developed with Sir Jony Ive and Marc Newson that claims the lowest drag coefficient in company history and a novel approach to fake engine noise by amplifying real axle vibrations. The Hacker News reaction was overwhelmingly hostile on aesthetics, with many calling it hideous, comparing it to a Tesla-Polestar mashup, a fancy Prius, or a BMW i3 that mated with a Magic Mouse, and arguing it doesn't look like a Ferrari at all. The bitter split was over whether the design is a coherent "Ive signature" or just bubbly, symmetric bland crap that ruins a heritage brand with an iPad glued to the dash. A substantial faction also tore into the business case, noting the $600k+ price tag and calling the car a turd that Ferrari will force on dealers as allocation bait for the next real supercar, while others fixated on the poor efficiency—122kWh for only 280 miles EPA range compared to a Tesla Model Y doing better with 84kWh.
The bootstrapper's EU stack for under €10 per month [comments]
213 points · 78 comments · eualternative.eu · 13h ago
The article is a guide for bootstrappers on assembling a 100% EU-hosted SaaS infrastructure stack for under €10/month, with the VPS from Hetzner as the main fixed cost. The thread quickly turned into a collective brain dump of missing pieces, with several people pointing out DNS services like ClouDNS, Bunny.net, and deSEC as needed alternatives, while others debated whether swapping a single US hyperscaler for a dozen different European services is actually an improvement or just creates more points of failure. A significant chunk of the discussion got sidetracked into arguing about whether the article itself was AI-generated slop, with people pointing to specific phrasing patterns like "genuinely" and "honestly" as dead giveaways. Several commenters pushed back hard on the idea that serving the EU market is even desirable, claiming customers are more difficult and regulations more burdensome, while others fired back that maybe those critics just have bad products. Notably, there was also a correction that Creem, listed as an EU payments alternative, is just a Merchant of Record layer sitting on top of Stripe, defeating the purpose.
What we lost when we stopped letting kids leave the front yard [comments]
192 points · 164 comments · stevemagness.substack.com · 17h ago
The article argues that a culture of "safetyism" has robbed kids of unsupervised free time, leading to a steep decline in childhood independence and a corresponding rise in anxiety and depression, even though the world is objectively no more dangerous than it was decades ago. On HN, the top comment chain immediately pivoted from the article's media-fear thesis to a sharp debate about family size, with one contingent arguing that parents of only children are far more risk-averse because they feel the weight of the entire "bloodline," while others pushed back that economics and competitive parenting culture—not fertility anxiety—are what drive the shift toward smaller families and over-investment in a single kid. Several people with real experience pushing back against this trend chimed in, including a father who let his son roam freely in the 2010s and confirmed that while nosy neighbors and cops occasionally showed up, the horror stories of automatic CPS involvement are overblown—you just have to be ready for the fight. A European thread contrasted American paranoia with Nordic normalcy, citing Norwegian schools that send kids into the woods with hunting knives for sausage-roasting trips, and one commenter noted that schools use "safety" as a magic word to enforce capricious discipline, not as a genuine concern for harm. The thread largely agreed with the article's core premise but zeroed in on a tension the piece itself doesn't resolve: most parents intellectually want their kids to have freedom, but the social, legal, and economic incentives all point the other way, creating a tragedy-of-the-commons problem where no individual parent feels safe being the first to let their guard down.
Toshifumi Suzuki, founder of Seven-Eleven Japan, has died [comments]
188 points · 75 comments · www.referenceforbusiness.com · 15h ago
Toshifumi Suzuki, the founder of Seven-Eleven Japan, has died, and the article details how he transformed Japan's retail industry by introducing franchising, just-in-time inventory, and sophisticated data systems that turned convenience stores into a technology-driven disruption of traditional groceries. The thread quickly pivots from the obituary to arguing over whether it's still accurate that 7-Eleven ATMs are a lifeline for foreign travelers in cash-heavy Japan, with people trading current intel on which bank machines actually work with US cards and which don't—sparking a deeper side debate about Japan's slow slide into a "second-tier economy" due to decades of poor monetary policy. A separate vein of comments pushes back hard on the article's framing, insisting that 7-Eleven Japan's real innovation was not just licensing the brand but building a proprietary tech stack that linked cash registers, suppliers, and ordering in ways the US parent never managed, with one person linking a video that explains the business model. Some travelers share personal nostalgia for the onigiri and coffee that defined their Japan layovers, while others snipe at "normies" who browse without ad blockers after multiple people complain the article page is unusable on mobile. The consensus splits cleanly: Suzuki deserves genuine respect for building something that actually improved daily life for millions, but the thread can't resist getting sidetracked into Japan's macroeconomic decline, the quirks of FeliCa versus Visa tap-to-pay, and whether American founders are inherently more corrupt than their Japanese counterparts.
Nobody cracks open a programming book anymore [comments]
180 points · 204 comments · unix.foo · 8h ago
The post argues that programming book sales have plummeted because chatbots like ChatGPT and Copilot have replaced the need for slow, deliberate learning through typing code from a physical book—the author claims knowledge was always "the residue of typing." Hacker News largely agreed that the medium is dying, but the conversation split hard on whether that matters: one camp insisted you still need the underlying knowledge and vocabulary to effectively guide coding agents, while others countered that this is just the next abstraction layer, no different from not needing to know punch cards or assembly anymore. A strong thread pushed back on the idea that books are obsolete for learning, arguing they provide structure and discipline that LLMs lack, and several people noted they're buying more books now for foundational knowledge. The top-voted meta-point came from an anecdote about a company running dual technical interviews (with and without AI) and finding that candidates who couldn't write code manually also couldn't get the AI to produce working results—suggesting the skill hasn't been replaced, just the tool for expressing it.
How Shamir's Secret Sharing Works [comments]
177 points · 27 comments · ente.com · 9h ago
The article explains Shamir's Secret Sharing, a 1979 cryptographic scheme that splits a secret into pieces so that only a minimum threshold of pieces—like any 2 out of 5—can reconstruct it, while fewer pieces reveal zero information. The HN discussion quickly got into the weeds comparing it to Reed-Solomon erasure coding, with several people pointing out that a naive Reed-Solomon approach leaks information about the secret from partial shares unless you apply an all-or-nothing transform, whereas Shamir is information-theoretically secure by design. A math teacher chimed in to say they literally teach this to high schoolers using polynomial lines on graph paper, which got a lot of appreciation. There was also a practical tangent about implementing a "two-person rule" for running sudo commands on production machines, drawing on experience from Google's internal authorization system, and a detailed breakdown from a cryptography expert explaining that share size is just a bit larger than the secret and that quantum computers pose no threat since the scheme is information-theoretically secure.
Microsoft pulls plug on plans for 244-acre data center in Caledonia (2025) [comments]
173 points · 167 comments · www.tmj4.com · 18h ago
Microsoft pulled the plug on a 244-acre data center project in Caledonia, Wisconsin, after local residents organized a petition with over 2,000 signatures and the village board pushed back hard. The HN thread largely ignored the local politics, though, and instead turned into a sprawling debate about Cloudflare geoblocking, because the news site’s CDN blocks visitors from outside the U.S. A bunch of people couldn’t even read the article and complained that Cloudflare is breaking the web, while others pushed back hard, arguing that regional news sites have good reason to geo-fence—99.999999% of traffic from Asia or Eastern Europe is just exploit scripts, and compliance costs for GDPR aren’t worth it for a local affiliate. The split was basically “Cloudflare is a protection racket that kills the open web” versus “small sites would get DDOS’d out of existence without it, and you’re being entitled.”
Does anybody like React? [comments]
164 points · 209 comments · jsx.lol · 6h ago
The linked article wasn't available to this summarizer; from the discussion, it’s a sprawling manifesto arguing that React is almost always the wrong choice for modern web apps, pointing to security vulnerabilities, performance degradation, vendor lock-in via Next.js, and a cultural reflex to default to React rather than picking the right tool for the job. The thread is deeply split: a vocal camp agrees that React is overused bloat and that vanilla HTML, web components, or lighter frameworks like Svelte are better fits for most CRUD-heavy work. On the other side, defenders argue React’s flexibility and ecosystem make it the least-bad option after years of chasing worse frameworks (Angular 1, Backbone, jQuery soup). A recurring sub-argument homes in on SPAs themselves rather than React specifically, with skeptics saying the real problem is building heavy JS frontends for sites that could just be server-rendered HTML with a sprinkle of interactivity. The conversation also surfaces friction between the "you love JSX, you don't love React" crowd and those who fled React’s hook madness for things like ClojureScript, while a few commenters recount switching back to React after hitting bugs in Svelte or finding that navigation patterns like an "intelligent back button" are easier to keep in one file with React than with HTMX.
Yoti age checks share facial photos and device fingerprints with third parties [comments]
155 points · 30 comments · mikespecter.com · 11h ago
A new academic paper reverse-engineered Yoti, the dominant age verification provider, and found it collects way more than just age—facial photos, government IDs, credit card details, and device fingerprints get shared with multiple less-visible "fourth parties." The HN thread mostly treated this as confirmation of what privacy-aware people have been warning about: biometric data can't be changed once leaked, and the current architecture looks designed to monetize every query rather than minimize data. A few commenters pushed back, arguing the paper unfairly singles out Yoti when it actually encrypts face images client-side and is relatively privacy-focused compared to other providers, and one even accused the article of letting an AI misread the study. The lead author showed up in the thread to field questions, but the dominant takeaway was that mandatory age verification is effectively state-sponsored identity theft, with several people noting that the real fix—zero-knowledge proofs—is being ignored because the current setup is too profitable.
C extensions, portability, and alternative compilers [comments]
154 points · 54 comments · lemon.rip · 17h ago
The article examines how real-world C code is riddled with non-standard compiler extensions and brittle preprocessor guards, using examples from glibc, SDL, and OpenBSD libc to show how codebases silently break on alternative compilers. The HN discussion dove straight into the “works on my machine” problem on Linux, with Windows and FreeBSD users pushing back hard that Linux-centric developers routinely ignore portability — and that glibc is actively hostile to non-GCC compilers for no good reason. That quickly escalated into a full-blown fight over systemd, with one side arguing it’s the bane of Linux and a huge barrier to porting software to BSDs, while others shot back that POSIX is garbage, systemd is great, and nobody complains when BSDs keep their own exclusive features. A separate practical thread tackled how you actually test against that matrix of compilers and OSes, with suggestions around build servers, musl, and tcc, plus a note from someone who built a C compiler inside D and had to wade through all the “nutburger nonsense” in header files.
IBM Spins Off the First Pure-Play Quantum Chip Foundry [comments]
148 points · 65 comments · futurumgroup.com · 22h ago
IBM is spinning off Anderon, a standalone quantum chip foundry backed by $2 billion in CHIPS Act money, betting big on superconducting silicon fabricated at 300mm scale and spreading smaller bets across trapped ion, photonic, and neutral atom competitors. The Hacker News crowd immediately questioned whether the field is anywhere near practical application—one person bluntly said these projects are basically useless for the real applications everyone agrees on (breaking crypto, logistics optimization, simulating quantum systems) because qubit count and quality remain far too low. A split emerged between those who see this as smart shared infrastructure that lets other quantum companies skip building their own cleanrooms, and those who view it as a handout to a company that bungled Watson and now runs on consulting audits and H-1B labor. Skeptics pointed out that the press release dodges the obvious question of whether these chips can run Shor's algorithm, while enthusiasts noted that 300mm production gives superconducting qubits a manufacturing advantage that other modalities like trapped ion simply can't leverage. The thread also veered into IBM's institutional dysfunction—multiple people argued the spinoff is tacit recognition that quantum research can't survive under IBM's middle-management culture, and one recalled how IBM used Watson as a shakedown tool to waive audit bills.
A successful Japanese trial of a ramjet engine designed for Mach‑5 aircraft [comments]
138 points · 108 comments · www.bgr.com · 12h ago
A Japanese team from JAXA and several universities successfully ground-tested a ramjet engine designed for Mach 5, with the goal of commercial hypersonic passenger service by the 2040s that could cut Tokyo-to-LA from 10 hours to two. The discussion immediately pushed back hard on the premise that this is a solvable engineering problem, arguing that we simply don't have materials that can handle the internal shockwave heat loading in the engine ducting—the nose cone is easy, the inside of the engine is the real killer. Others dismissed the whole plan as economically unserious, pointing out that supersonic commercial flight already failed with Concorde and that most of these startups are either bait-and-switch schemes pivoting to weapons contracts or just building dick-measuring private jets for billionaires. A major tangent argued that airport procedures, not flight time, are the real bottleneck, though this got split between travelers saying TSA and customs eat hours and those claiming PreCheck and Global Entry have already solved it. A few commenters did concede that a hypersonic glider on a suborbital trajectory might be less impossible than a full air-breathing airliner, but the consensus was that the headline overpromises on a tech that's nowhere near ready.
CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude [comments]
138 points · 71 comments · support.apple.com · 8h ago
Apple published a security update for macOS Tahoe 26.5 that fixes a kernel integer overflow (CVE-2026-28952) discovered by an AI—specifically, Claud from Anthropic, working with a security shop called Calif.io. The thread quickly turned into a debate about whether this is a sign that AI-assisted vulnerability hunting is forcing everyone onto a frantic update treadmill, with one camp arguing it’s just a faster, automated version of the fuzzing Google and others have been running for years, while another group sees it as a new, more aggressive threat model that makes staying on an old .0 release genuinely dangerous. A bunch of people pointed out that the same CVE affects older macOS versions like Sequoia and Sonoma too, so smugly refusing to upgrade to Tahoe doesn’t get you off the hook. There’s also a running sub-argument about whether Apple has historically been lazy about security on the desktop, with defenders citing hardware-level mitigations like the T2 and microphone disconnect, and detractors insisting Apple coasted on low market share for years and only recently started taking macOS seriously.
Rising seas will swallow New Orleans. People need to start relocating now [comments]
127 points · 146 comments · www.cnn.com · 22h ago
The article reports on a new study in *Nature Sustainability* arguing that New Orleans is past the point of no return from sea-level rise and needs a planned, managed relocation before a chaotic retreat becomes inevitable. The consensus on Hacker News was that the article gets the cause wrong by focusing on rising oceans instead of the far larger problem of land subsidence—New Orleans is sinking at more than twice the rate seas are rising, largely because human activity like draining wetlands has compressed the soil. That omission struck many as either sloppy journalism or a deliberate editorial choice, sparking a meta-debate about whether CNN has an “agenda” or is just optimizing for clicks on a scary sea-level headline. A significant side argument broke out over the racial dimensions of the story, with some accusing the article of “racializing” the impact and others pushing back hard that the disproportionate flood risk to Black residents is an objective reality, not a narrative choice. A few people also pointed out that the Army Corps of Engineers’ approach has already failed and that, as the Dutch are now doing with depolderization, the only sane engineering solution is to get out of the way.
The User Is Visibly Frustrated [comments]
112 points · 69 comments · pscanf.com · 3h ago
The article argues that the core problem with coding agents is their conversational UX—they talk like a friendly coworker, so when they repeatedly make the same mistake and apologize without learning, users experience real frustration with no catharsis, and the author suggests making them sound robotic instead. HN largely agreed about the frustration but split on the cause: some insisted it's not the human-like tone but unpredictable, dumb behavior that's the real issue, comparing it to a broken Windows File Explorer or a clueless teammate who deletes tests. A strong contingent pushed back on the idea of berating LLMs, arguing that swearing at them just pollutes the context window with bad statistical patterns and reduces output quality, while others deliberately stay cordial and treat it like a thought partner to get better results. There was also debate about whether this is a context-window limitation or a training problem—one person noted that Claude Opus 4.7 has a huge context but still ignores simple instructions from the first message, while another pointed out that users don't realize the agent is quietly forgetting old instructions through compaction. The thread also wandered into the dignity of refusing to use tools that make you feel hostile, with one person claiming refusing Windows is a matter of self-respect, which sparked a clash over privilege and the realities of "real world" jobs.
Motorola phones have started hijacking the Amazon app to insert affiliate codes [comments]
104 points · 47 comments · 9to5google.com · 4h ago
A 9to5Google report details how a Motorola Smart Feed app update hijacks the Amazon app — when you open it from the app drawer, the phone briefly flashes through Chrome and a third-party URL to inject an affiliate code, redirecting to Amazon with a traceable tag. The HN thread immediately split: some called it typical Chinese-OEM scumminess (Motorola is owned by Lenovo), while others shot back that Microsoft and nearly every Android manufacturer do similar or worse, and that singling out “Chinese brands” is lazy. Several commenters dug into the affiliate code’s mismatched influencer name and debated whether it’s a rogue employee’s long-con or just another slimy adware play from Motorola’s Taboola-powered “Smart Feed.” Users also piled on with their own Motorola horror stories — auto-installing games, re-enabling ad platforms on every update — and the consensus was that the only real fix is to disable Smart Feed in settings or flash a custom OS like LineageOS, though the upcoming GrapheneOS partnership has some people worried about brand trust.
2026 HIPAA Security Rule Update [comments]
96 points · 95 comments · medcurity.com · 18h ago
The linked article details the 2026 HIPAA Security Rule update, which mandates annual risk assessments, mandatory encryption for ePHI, multi-factor authentication, 72-hour breach reporting, and annual penetration testing, among other changes. The HN discussion quickly sidestepped the specifics of the rule itself and dove into a familiar, heated debate about whether compliance frameworks like SOC2 and the new HIPAA requirements actually improve security or just create checkbox exercises. A major split emerged between those who argue that vague requirements like "vulnerability scans" can be gamed with trivial tools like nmap, and others who insist that competent auditors or the threat of HHS enforcement (since HIPAA lacks a private auditing requirement) would reject such laziness. Some participants pushed back hard against letting compliance dictate security engineering, arguing that well-run firms should first do real security work and then map the minimum subset of that work onto the compliance paperwork. A couple of comments veered into conspiracy theory territory, suggesting the rule is a mechanism for regulatory capture that will drive out smaller vendors and enable government surveillance, though this was met with skepticism.
Generated 2026-05-26 08:24 UTC
Generated by Sauron from Hacker News discussions and linked articles.