HN Brief: 2026-06-05
Today’s HN was dominated by the business of open-source survival, with VoidZero’s acquisition by Cloudflare sparking a familiar argument: developers won’t pay for tools, so big-tech buyouts are the only exit, leaving projects like Vite vulnerable to eventual walled gardens. That thread ran alongside a deep split on Anthropic’s recursive self-improvement paper, which many read as blatant regulatory capture designed to freeze out open-source competitors, and a more hopeful energy-transition story that instead of hype brought a sobering reframing: solar, wind, and batteries are a bigger tech revolution than AI, but nobody speculates on them. A long-running shoelace knot war also broke out, revealing that most people have been tying "granny knots" their whole lives, which somehow felt like all of HN in miniature.
Threads most worth clicking into: “Anthropic's open-source framework for AI-powered vulnerability discovery” for the brutal catch-22 that making code secure now costs more tokens than writing it, fueling a "ship slop, sell fixes" cycle; “Meta's ships facial recognition on smart glasses” because the reverse-engineered code confirms Meta built the full biometric pipeline and is just waiting for the political moment to flip the switch; “Sagrada Família Lego set” for the surprisingly existential debate about what you actually *do* with a 24-inch Lego cathedral once you've built it; and the “Ask HN: So what happened to Facebook 'localhost' tracking?” thread, which confirms Meta stopped the practice but offers a sneakier lesson about browser prompts that users will click "allow" on without understanding.
VoidZero Is Joining Cloudflare [comments]
629 points · 272 comments · blog.cloudflare.com · 19h ago
The linked article wasn’t available to this summarizer; from the discussion, VoidZero—the company behind Vite, Vitest, Rolldown, and Oxc—is being acquired by Cloudflare, with assurances those projects stay open source and vendor-agnostic. The thread’s dominant take is that this is another inevitable consequence of developers refusing to pay for tools, leaving open-source projects with no path to revenue except a big-tech buyout, and the crowd is split between “you get what you pay for” finger-pointing and “even paying users can’t outbid Cloudflare” realism. Some people are already speculating that Vite will get Rust-rewritten into a walled garden within a year, while others note the irony of Cloudflare’s “better Internet” rhetoric coinciding with more centralization—one commenter points out that Spain’s La Liga blocks entire Cloudflare IP ranges, taking down legitimate sites during soccer matches. Vue’s Evan You landing at Cloudflare also gets attention, with a side debate about whether he’s already handed off Vue core to focus on Vite, and whether Guillermo Rauch’s Vercel animosity toward Cloudflare makes the Nuxt/Vercel–Vue/Cloudflare split awkward.
Ian's Secure Shoelace Knot [comments]
547 points · 207 comments · www.fieggen.com · 20h ago
The article covers Ian's Secure Shoelace Knot, a specific method for tying shoes that supposedly stays tied better than the standard knot while still being easy to undo. The HN crowd largely split into two camps: die-hard converts who learned it from a previous HN post years ago and swear it saved them hours of retying, and a bigger contingent who discovered the real issue was that they'd been tying a "granny knot" (loops perpendicular) their whole lives instead of the balanced version (loops aligned with the shoe). Someone pointed out that lace material matters just as much—stretchy laces on military boots hold knots better than the cheap ones on fashion trainers—which led to a deep dive on lacing methods for runners and hikers. A weird tangential debate erupted about whether "proper" headphone cable rolling ruins cords, whether microfiber cloths are actually necessary for cleaning glasses, and whether people who learn these efficiency hacks should inflict them on unsuspecting friends. The real consensus: everyone is passionately sure about how they tie their shoes, and the Ian knot page is a rabbit hole of obsessive minor variations that keeps pulling people back years after their first visit.
SpaceX, Other Mega IPOs Denied Fast Index Entry by S&P [comments]
500 points · 243 comments · www.bloomberg.com · 9h ago
S&P Dow Jones decided not to change its rules for fast-tracking mega-cap IPOs like SpaceX into its indexes, ending weeks of speculation that retirement funds would be forced to buy in at IPO. The HN thread was sharply split between people relieved the status quo held and those annoyed at the misinformation that preceded the decision—specifically the narrative that the rule change was a done deal and a conspiracy to pump money into Elon Musk’s companies. Several people pointed out that the NASDAQ 100 did adopt the change, and that the two indices serve totally different purposes, so conflating them was a mistake. The most substantive pushback argued that index holders will now get a worse entry price for SpaceX when it eventually qualifies, but others countered that the S&P 500 is supposed to track mature, stable companies, and bending rules for a single controversial IPO would do more long-term damage to trust than any short-term gain.
When AI Builds Itself: Our progress toward recursive self-improvement [comments]
441 points · 585 comments · www.anthropic.com · 15h ago
Anthropic published a post from their new institute arguing that the industry needs to work toward systems that could enable a coordinated global slowdown or pause in frontier AI development, particularly around the prospect of recursive self-improvement where models help build better models. The thread split hard: a sizable chunk of HN read this as a blatant regulatory capture play—Anthropic wants to form a cartel with other frontier labs to ban everyone else (open-source models, Chinese labs) while they keep advancing, and there’s deep skepticism about trusting a for-profit company’s ethics against investor pressure. Others took the article at face value, arguing that the race is genuinely dangerous and that Anthropic and DeepMind at least have enough self-awareness to talk about international coordination, even if it’s imperfect. A running counterpoint kept surfacing that the entire framing is convenient timing, since the companies are burning cash on consumer chatbots and would love an excuse to slow the capex treadmill and focus on expensive enterprise tools. A smaller, more technical tangent pushed back on one of Anthropic’s headline metrics—8x lines of code per engineer per day—calling it a misleading boast that measures verbosity, not quality.
French-Iranian author Marjane Satrapi, author of 'Persepolis', dies at 56 [comments]
428 points · 119 comments · www.france24.com · 20h ago
Marjane Satrapi, the French-Iranian author of the graphic novel *Persepolis*, has died at 56, and the thread quickly became a tribute to her work while also digging into the book’s controversial second half. Many people praised the book and its animated adaptation for capturing the artistic intent of the source material, with several calling it an essential read on par with *Maus* for offering a new perspective on revolution and exile. A significant split emerged over the second half of *Persepolis*: some readers found her teenage years in Vienna—involving drug dealing and aimlessness—to be self-indulgent and jarring after the childhood narrative, while others pushed back hard, arguing that expecting a “noble savage” hero’s journey is unfair and that her unflinching honesty about trauma and alienation is exactly why the story is valuable. The discussion also veered into the long-standing cultural ties between Iran and France, with people noting the French influence on Persian vocabulary (like “merci” for thank you) and pointing out that many Iranian exiles ended up in Paris, Vienna, or Los Angeles—context that explains her biography. A few minor corrections surfaced about the movie versus book release dates, but overall the thread treated her death as a moment to reflect on how *Persepolis* challenged Western expectations of suffering and success.
Anthropic's open-source framework for AI-powered vulnerability discovery [comments]
398 points · 114 comments · github.com · 11h ago
Anthropic released an open-source reference harness for using Claude to autonomously find and patch vulnerabilities in C/C++ code, complete with Docker and ASAN. The thread immediately landed on the repo’s own disclaimer that it’s “not maintained and not accepting contributions” — that got read as a deliberate bait-and-switch to upsell the hosted product, with some calling it a glorified sales funnel. Cost was the main battleground: estimates ran to thousands of dollars per scan, and the realization that securing code now requires more tokens than writing it sparked a split — one side argued that was always true (bug-finding is expensive), while the other countered that it’s a self-perpetuating “ship slop, sell fixes” profit loop. A sharp subthread dug into why Anthropic sells tokens at all: if AI were truly magical for building software, they’d hoard the compute and dominate every SaaS vertical themselves, but the counter-punch was that building a fab doesn’t require you to also design every chip, and selling shovels during a gold rush is a perfectly rational strategy.
Wind and solar generated more power than gas globally in April 2026 [comments]
385 points · 353 comments · electrek.co · 17h ago
Wind and solar topped gas in global electricity generation for the first time last April, producing 22% of the world's power versus 20% from gas, according to Ember data. The HN thread immediately pivoted to US vs. China policy: China is sprinting (35% YoY growth) while the US administration actively fights renewables, though commenters pointed out that Texas is the biggest producer of wind and solar, and that even with hostile politics, US renewable capacity is still growing 8% YoY. A heated subthread debated whether renewables are a practical fit for heavy industry like steel and aluminum—skeptics cited intermittency, but others countered that Australian smelters are already lobbying for renewables because they can't compete on global prices without them. The most unexpected angle was a push to reframe the story: solar, wind, and batteries are a far bigger technological revolution than AI, but nobody cares because there's no speculative casino to hype it up.
UK media fails to disclose defence sector links in nearly 60% of cases [comments]
366 points · 203 comments · aoav.org.uk · 23h ago
A report from AOAV found that when retired British generals appear as "independent" defence experts in UK media, their commercial ties to arms and security firms go undisclosed nearly 60% of the time — including figures who publicly pushed for higher defence spending while sitting on boards of companies that would directly benefit. The HN thread quickly split: some readers argued the report bends over backwards to insist it's not accusing anyone of wrongdoing, which others interpreted as defensive cover against inevitable pushback from well-connected circles. A substantial chunk of the discussion abandoned the article's focus entirely, instead debating whether the "defence sector" should be called the "arms industry" or even "war industry," and whether the UK is a neo-imperial vassal state propping up US aggression. That spiraled into an argument about the Falklands, Iraq, and whether US bases in Germany constitute an occupation — far from the original point, but it shows how the topic triggers deeper ideological fault lines about who really profits from conflict.
The desperation of NYTimes [comments]
356 points · 297 comments · rozumem.xyz · 14h ago
The blog post is a complaint about the New York Times sending five un-opt-out-able onboarding emails after a $2/month subscription, which the author frames as a desperate and anti-growth practice compared to their own business where they make unsubscribing trivial. The thread immediately veered into a broader indictment of the NYT’s subscription dark patterns, with several people labeling the company’s historically difficult cancellation process—requiring a phone call during limited hours—as straight-up fraud, though a few noted it has gotten easier recently. The conversation then pivoted hard into workarounds, with a big split emerging: one faction enthusiastically evangelizes free library-card-based access (with caveats about 3-day or even 1-day renewal cycles), while another insists the journalism is valuable enough to tolerate the marketing nonsense—a stance others roundly rejected as excusing unethical behavior. A massive tangent erupted about the agony of installing printer apps (HP, Brother) and how hardware companies' popup-laden, feature-broken software is a more universal example of this same "desperate" anti-pattern, with the consensus being that Mac users should just avoid vendor apps entirely.
Retro-Tech Parenting [comments]
287 points · 197 comments · havenweb.org · 16h ago
A technologist parent explains their deliberate switch to retro tech for their kids—CDs for music, a landline for calls, a locked-down family computer with pi-hole—as a way to opt out of engagement-optimized, algorithm-driven devices. The HN crowd mostly loved the philosophy, jumping in with their own stories of vinyl collections, Jellyfin libraries, and supervised iPhones, but the real tension was around the social cost: opting a kid out of addictive platforms often means opting them out of the group chat, which is the actual hard problem no dumbphone can solve. Several parents described the painful reality of SMS group chats where their kid gets left behind because other parents don't understand the approved-contact workflow. A smaller but sharp counterpoint argued that we didn't accidentally drift into this mess—people who warned about it were ignored, and calling it "willful ignorance" is more honest. Someone also spotted that the article's featured photo of a retro CD player is AI-generated, which felt like a cheap move for a piece pitching authenticity.
Meta's ships facial recognition on smart glasses [comments]
267 points · 226 comments · www.buchodi.com · 12h ago
The article is a technical deep-dive by a developer who reverse-engineered Meta’s Android app for Ray-Ban smart glasses and found the full on-device facial recognition stack—face detection models, a 2048-dimension biometric embedding pipeline, a vector database for cosine-similarity matching, a “NameTagsPending” directory that writes unrecognized faces to disk, and a hardcoded “Person recognized” notification channel—all shipped and wired together, though gated behind server-side flags and not yet active for ordinary users. Hacker News seized on this as confirmation of what many suspected: Meta has built the capability and is waiting for the political moment to flip the switch, with one former Facebook researcher confirming that leadership repeatedly pushed for facial recognition over legal objections, and that the feature was only held back by FTC audits and internal face-removal infrastructure they had to build. The comments split between disgust at the company’s cynicism and debate over whether regulation or social shaming can stop it—several people argued that the “no expectation of privacy in public” legal doctrine makes this unstoppable, while others pointed to Illinois’ biometric privacy law and the precedent of Google Glass getting socially rejected as reasons for hope. A notable tangent emerged around the practical impossibility of banning these from workplaces with confidential screens, with one security policy maker flatly stating their office already bans smart glasses and expects physical confrontations over them in public. The consensus in the thread is that Meta is deliberately exploiting a permissive regulatory window under the current administration, and that the only meaningful constraint left is whether people will treat wearing these glasses as antisocial in the same way they did with Google Glass.
Show HN: Uruky (EU-based Kagi alternative) now has Image Search and URL Rewrites [comments]
222 points · 203 comments · uruky.com · 23h ago
The submission announces Uruky, an EU-based private search engine that positions itself as a Kagi alternative, now with image search and URL rewrites, and a promise of source-code access after a year of paid membership. The HN crowd immediately questioned the comparison to Kagi, pointing out that both are metasearch engines (Uruky even relies on third-party indexes like Marginalia and Mojeek, though it also has its own tiny index), which led to a “why not just use SearxNG” rebuttal. Signup friction was a major pain point — the free trial requires a proof-of-work captcha and account creation, which several people balked at, though the founder defended it as necessary for bot prevention and noted Kagi has the same requirement. Privacy skeptics homed in on the lack of anonymous payment options like Monero, with the founder explaining they’re working on cash-by-mail but face legal hurdles in Portugal for crypto payments. A split emerged on UI and AI: one commenter begged for better UX and widgets, while others cheered the firm “no generative AI” stance as a selling point.
Meta enables ADB on deprecated Portal devices [video] [comments]
203 points · 64 comments · developers.meta.com · 7h ago
Meta announced that ADB is now enabled on its discontinued Portal smart displays, letting developers sideload apps onto the hardware. The thread lit up with people repurposing their dusty Portals as Home Assistant dashboards, kid routine boards, or general-purpose Linux kiosks, with one person noting the hardware design is genuinely nice and the speakers aren’t half bad. But the reaction was split: plenty of pushback from privacy-minded readers who can’t believe anyone would put a Meta-owned camera and mic on their network, and a long, cynical subthread arguing it’s depressing that it took the CTO “having some fun” to unlock a feature that engineers had begged for years earlier—and that the devices still run an EOL version of Android with no security patches, so you’re better off keeping them isolated. A former Meta engineer chimed in with inside story: the team actually asked to open the devices when Portal was killed, but were denied over concerns about leaking hardware keys, making the current unlock feel more like a lucky whim than a policy shift.
Sagrada Família Lego set [comments]
186 points · 153 comments · www.lego.com · 15h ago
Lego announced a 12,060-piece Sagrada Família Architecture set for $800, the largest single Lego building kit ever. The thread immediately split into a debate over whether such a highly repetitive build—dozens of identical pillars and spires—is satisfying or tedious, with some comparing it to knitting or unit origami and others predicting burnout. A long sub-discussion erupted over the “Lego spirit is dead” nostalgia, almost universally shot down: people pointed out that bulk bricks still exist, kids still mix sets, and this $800 collector’s piece is targeting a different demographic than free-form play. A third thread ran the numbers on build-time scaling: if you scale linearly by height, the model should take about 200 days at 60 pieces per day, but if you scale by volume the time drops to under 30 minutes—prompting jokes about lawsuits, scaffolding, and instruction-page vandals. Meanwhile, a few commenters wondered about putting a tiny 360° camera inside the finished model for a VR tour, sidestepping the bigger question of what you actually do with a 24″ tall Lego cathedral once it’s built.
Gaussian Point Splatting [comments]
186 points · 68 comments · momentsingraphics.de · 21h ago
The paper proposes sampling pixel-sized opaque points from Gaussian splats and using 64-bit GPU atomics to splat them, aiming to render hundreds of millions of Gaussians in real time while skipping the usual sort step. The thread immediately split between people arguing this is a clever rehash of decades-old point splatting and stochastic progressive point cloud rendering in VFX, and others who maintain the novelty lies in the opacity correction and GPU workload mapping (with one commenter pointing to Schütz et al. 2021 as prior art for the per-pixel atomics). A fair amount of time was spent clarifying that "millions of threads" means logical GPU threads, not OS threads, and that the GPU scheduler handles dispatch—though one person was confused about 1024-per-SM limits. The noise inherent to Monte Carlo approaches was flagged as the main downside, with the suggestion that a deep-learning denoiser might be the inevitable fix, while several commenters debated whether this technique is ready for AAA games given splats' lack of sharp surfaces, difficult relighting, and poor path tracing performance.
Open Code Review – An AI-powered code review CLI tool [comments]
164 points · 37 comments · github.com · 8h ago
Alibaba open-sourced their internal AI code review CLI, which combines deterministic engineering (file bundling, rule matching) with an LLM agent to generate line-level review comments on Git diffs. The thread quickly turned into a marketplace comparison: several people who’ve tried CodeRabbit, Cursor’s BugBot, or homegrown skills reported that a simple Claude Code wrapper often matches the paid services, and that SaaS pricing is becoming a pain point now everyone moved to per-token billing. A running benchmark against the Martian review dataset showed high recall (~74%) but brutal precision (~12%), sparking a split between those who argue false positives are easily ignored and those who insist every noise flag drains developer attention. Others raised practical nitpicks—the CLI acronym `ocr` is already taken, the `max_tokens` parameter is hardcoded against newer models, and the default rule files are in Chinese—while a few questioned whether this kind of automated review is mostly theater if no human actually reads the output.
Do transformers need three projections? Systematic study of QKV variants [comments]
156 points · 31 comments · arxiv.org · 8h ago
A new paper systematically tests whether Transformers actually need all three separate QKV projection matrices, finding that sharing key and value (Q-K=V) cuts the KV cache in half with only a 3.1% perplexity penalty, and combining that with existing head-sharing tricks like MQA pushes cache reduction to 97%. Several people in the thread were confused by the paper's notation (Q-K=V uses a minus sign to mean "and also", not subtraction), and there was a lot of pushback on the experimental scale: the 1.2B model was trained on only 10B tokens, far short of the Chinchilla-optimal 200B+ for that size, so the results might not hold after overtraining. Multiple strong opinions emerged—one thread argued "scaling curves or GTFO" because any pile of linear algebra works at small scales, while others pointed out these ablations are still valuable for edge deployment where hardware is constrained and you might not care about trillion-token pretraining. The discussion also drifted into whether the original Transformer authors just stumbled into QKV as a default and whether attention mechanisms themselves are overengineered, with comparisons to how ReLU/GELU were eventually interchangeable.
Google employees internally share memes about how its AI sucks [comments]
155 points · 103 comments · www.404media.co · 16h ago
The linked article wasn't available to this summarizer; from the discussion, it's about Google employees using internal memes to trash the quality of the company's own AI products. The thread immediately split into two camps: one arguing that *all* current AI is overhyped and buggy, not just Google's, and another pushing back hard that dismissing AI entirely is a mistake—that it provides a genuine competitive edge if used correctly, and critics are just bad at using it. A substantial part of the conversation pivoted to Google's internal meme tool, Memegen, with former employees explaining that while management officially tolerates it as a feedback mechanism, spicy criticism can still get HR involved, and high-voted memes rarely lead to actual change. A few commenters also pushed back on 404 Media's framing, arguing that internal complaining about your own company's tools is normal (pointing to Excel users at Microsoft) and that this story reveals more about media insecurity than anything surprising.
KVarN: Native vLLM backend for KV-cache quantization by Huawei [comments]
132 points · 13 comments · github.com · 16h ago
Huawei released KVarN, a calibration-free KV-cache quantization backend for vLLM that claims to pack 3-5x more cache capacity while matching or slightly exceeding FP16 throughput, using a novel combination of Hadamard rotation and iterative variance normalization. The HN crowd immediately zeroed in on the awkward political and practical question of why this isn't a pull request into the main vLLM project, with several people pointing out that it's a research paper output and that anyone comfortable with diffing could fork it into a PR themselves, especially with AI assistance. The performance claims got scrutinized hard — the "better than FP16" language is misleading, since the actual AIME score is 59.3% vs FP16's 59.4%, which is within statistical noise and one person argued that any deviation from full precision is still error, even if practically negligible for a 4x capacity win. A few commenters suggested porting it to llama.cpp instead, and one dropped a Chinese phrase that roughly translates to "far ahead of the field," reflecting genuine technical enthusiasm despite the upstreaming hangup.
WSL 2 is getting faster Windows file system access [comments]
125 points · 94 comments · www.boxofcables.dev · 12h ago
Microsoft detailed a kernel change coming to WSL 2 that gives each virtio device its own DMA buffer pool, removing a contention bottleneck that had been slowing down cross-OS file access through virtiofs. The thread immediately split between people who have already fled Windows over this exact problem and those still fighting it daily. Several developers confirmed that the old Plan 9 transport is still painfully slow for workflows with many small files—node_modules and compilations were repeatedly called out as basically unusable on /mnt/c—and one person ran a compile benchmark showing virtiofs already cut the gap to near-native speeds. A big undercurrent was the realization that most users who complain about WSL performance are unknowingly keeping their projects on the Windows filesystem when they should be working inside the WSL VHD, though others argued that defeats the point of transparent cross-OS access. The thread also spiraled into a proxy debate about whether LLMs have finally made switching to Linux painless enough to justify leaving Windows, with several people claiming they migrated successfully after years of tolerating WSL's filesystem slowness.
South Korean Forums Will Need to Scan Every Images with AI Censorship Tools [comments]
121 points · 98 comments · discuss.privacyguides.net · 8h ago
South Korea has just mandated that all online forums and communities scan every user-uploaded image and video with AI censorship tools, starting next month, with the government specifying exact hardware requirements like CUDA-capable Nvidia GPUs and an outdated Ubuntu 18.04—but offering no funding or support for the infrastructure. The HN discussion largely dismissed the stated goal of catching illegal porn and CSAM, arguing instead that the punishing hardware costs and unreachable deadlines are a deliberate strategy to kill small, independent forums that host unflattering memes and political speech. A significant split emerged over whether this is a "left-wing" authoritarian move tied to the current administration or just another chapter in South Korea’s long, bipartisan history of internet censorship and surveillance, with Koreans in the thread pushing back against simplistic foreign framing. Several people noted the absurdly specific technical mandate—forcing a single vendor and a dead OS—looks like either gross incompetence or a backroom deal, and drew parallels to South Korea’s notorious ActiveX banking requirements. The thread also veered into a broader argument about political labels, with some insisting "left" and "right" are useless for describing a country where both major parties love censorship, while others called that bothsidesing intellectually lazy.
Iran Shock Jolts Asia and Europe to Speed Up Energy Transition [comments]
121 points · 97 comments · www.bloomberg.com · 11h ago
The linked article wasn't available to this summarizer; from the discussion, the Bloomberg piece argues the war with Iran has turned the energy transition from a long-term climate problem into an immediate security crisis for Asia and Europe. The thread largely agrees that the Strait of Hormuz closure is the real catalyst, though many push back hard on the framing—one camp insists this is a political crisis caused by specific military action, not an "energy issue," while others counter that renewables' lack of dependence on constant fuel flows makes it definitionally an energy problem. A deep split emerges on blame: some see a historic strategic miscalculation by the U.S. and Israel, arguing Iran's decentralized chokehold capability has humiliated American power projection, while others point to Iran's collapsing economy and missile depletion to argue nobody wins. The conversation swerves hard into whether China is the sole beneficiary, with one side arguing China's dominance in solar, batteries, and EVs makes this a perfect geopolitical windfall, while others warn that Western regulatory arbitrage and China's monopolistic intent will eventually create the same dependency problems the crisis is supposed to solve.
IPv6 zones in URLs are a mistake [comments]
119 points · 91 comments · xeiaso.net · 10h ago
The linked article wasn't available to this summarizer; from the discussion, it argues that IPv6 zone identifiers (the `%eth0` part of a link-local address like `fe80::4%eth0`) are a nightmare to handle in URLs. The thread dives deep into a genuine standards mess: the original IPv6 RFCs didn't cover zone IDs in URIs, an older RFC (6874) said they must be percent-encoded (`%25`), and a 2025 RFC (9844) obsoleted that guidance without replacing it—leaving Go's `net/url` package correctly supporting the now-obsolete syntax while the spec offers nothing. Several people point out that these link-local addresses are rarely needed in well-configured networks and are mostly a pain for bootstrapping smart devices or configuring routers, while the real villain everyone keeps returning to is the `:` character in IPv6 addresses itself, forcing ugly `[]` brackets that break tools like `rsync` and shell parsing.
The LLM warnings Google fired Timnit Gebru over have all come true [comments]
110 points · 104 comments · www.tumblr.com · 16h ago
The post recaps the five core warnings from the 2020 "Stochastic Parrots" paper Timnit Gebru was fired over—that scaling up LLMs would produce fluent but uncomprehending systems, amplify bias, destroy the environment, make datasets unauditable, and concentrate power—and argues each one has been borne out. The HN discussion immediately split into a proxy war over whether the paper’s predictions were actually correct or just vague enough to claim anything as confirmation. A major pushback argued the "stochastic parrots" label has aged terribly since modern models can prove theorems and solve calculus, meaning the paper fundamentally misjudged what statistical recombination can achieve; others countered that this only proves complex reasoning doesn’t require understanding, which is an even more unsettling conclusion. The thread also got stuck on whether identifying a problem requires offering a solution, with some dismissing the warnings as useless without actionable fixes and others comparing it to demanding a safe-cigarette recipe from lung cancer researchers. A smaller but pointed debate emerged over whether the bias and auditability claims actually apply to current real-world deployments or if the examples given (healthcare triage, loan approvals) conflate different types of models and fail to prove the paper’s specific thesis about language models.
The Causes of Long Covid [comments]
107 points · 63 comments · www.science.org · 5h ago
The linked article wasn't available to this summarizer; from the discussion, it appears to be a post on the Science.org blog making the case that Long Covid is a real autoimmune disease driven by autoantibodies, backed by evidence that transferring IgG from patients to mice reproduces the symptoms. A major split in the thread was whether the condition overlaps with or is distinct from Mast Cell Activation Syndrome (MCAS), with some arguing MCAS is an intermediate mechanism triggered by the autoimmune response and others saying it’s a separate, confounded condition. A more contentious argument focused on the role of psychiatric medication: one corner pointed to SSRIs improving symptoms in some studies, suggesting a psychological or social-contagion component, but that was met with heavy pushback pointing out that SSRIs have immunomodulatory effects and that treating depression comorbid with a real illness isn't evidence the illness is fake. Several personal accounts detailed brutal multi-year recoveries involving diet, exercise, and fasting, while other commenters pushed back on the idea that chronic illness can be neatly categorized by symptoms, calling instead for a complete quantitative mapping of human metabolism to find the actual broken pathways.
Azure Linux 4.0 is Microsoft's first general-purpose Linux [comments]
103 points · 72 comments · www.boxofcables.dev · 4h ago
Microsoft shipped Azure Linux 4.0 into public preview, marking the first time its in-house Linux distro can run on any Azure VM rather than being locked to Azure Kubernetes Service, and the big architectural shift is that it's now derived from Fedora (a Fedora 43 snapshot) with declarative overlays instead of being hand-assembled package by package. The HN crowd immediately split into two camps: the skeptics who argued calling it "general purpose" is misleading since it's tuned specifically for Azure hardware, has no desktop, and lacks ISV certification outside Microsoft's stack, versus the more pragmatic folks who pointed out that Microsoft has been running this distro internally for years behind AKS, Azure SQL, and Cosmos DB, and that Databricks and LinkedIn have already migrated massive workloads onto it. A bunch of people got hung up on "Embrace, Extend, Extinguish" fears, but others shot that down by noting the GPL-licensed components and MIT-licensed Microsoft bits make lock-in hard, and that the announcement explicitly says it's for cloud and server workloads only. Some commenters dunked on the article itself for what they called obvious AI-generated prose in the opening paragraph, which derailed a chunk of the thread into griping about sloppy tech writing. The most substantive pushback centered on what makes this actually different from just shipping Fedora directly—the answer boiled down to Microsoft wanting control over update cadence, hotfix turnaround, and FIPS certification defaults without waiting on upstream's release schedule.
C++: The Documentary [comments]
95 points · 19 comments · herbsutter.com · 3h ago
Herb Sutter announced the release of a roughly feature-length documentary covering C++'s 40-year history, from Bjarne Stroustrup's work at Bell Labs through the standardization wars, the "winter" of the early 2000s, and its resurgence with Modern C++ and AI-driven growth. The HN thread immediately split into two camps: a few people dismissed C++ as tedious or historically controversial, but most pushed back hard, arguing the language has matured and that the real pain point today isn't the language itself—it's the fragmented ecosystem with no standard package manager or build system. Several people dug into the claim of +90% user growth in 3.5 years, questioning whether AI and "vibe coders" are really writing C++ or if those numbers capture something else entirely. There was also a pointed side debate about Stroustrup's legacy, with one thread pushing back against criticism from Casey Muratori, arguing the committee process—not any single person—is to blame for the language's historical complexity, and that C++ remains deeply entrenched in games, trading, and HPC for good reason.
Ask HN: So what happened to Facebook "localhost" tracking?
89 points · 92 comments · news.ycombinator.com · 19h ago
The linked article wasn't available to this summarizer; from the discussion, it revisits a year-old controversy over Meta using Facebook's app to listen on Android's localhost, letting its pixel exfiltrate browsing data to tie it to a user's identity. The big news in the thread is that Meta appears to have stopped the practice — code for the `_fbp` cookie has been almost entirely removed — and Yandex quit too. People immediately pivot to browser-level defenses, noting that Chrome and Firefox are shipping local-network-access prompts that block these connections, though the consensus is that the wording is terrible, with most users clicking "allow" on a prompt they don't understand, sparking a fierce debate over whether the UI should say "spy on your local devices" versus "access local web apps." A separate, deeper vein of the thread completely breaks away from the tracking story into a full-on argument about whether a software engineering union could actually refuse unethical features on principle, with pushback that without collective bargaining in the US, a union is just a social club and you can already just say no and quit.
Show HN: Boxes.dev: ditch localhost; run Claude Code and Codex in the cloud [comments]
89 points · 63 comments · boxes.dev · 17h ago
The linked article wasn't available to this summarizer; from the discussion, it's a Show HN for boxes.dev, a cloud-only development environment that gives each Claude Code or Codex agent its own cloud computer, letting you ditch running everything locally. HN dug into the sustainability angle hard, with several people questioning how the platform defends against OpenAI and Anthropic eventually building the same cloud-native features directly into their own tools. The founders pushed back by arguing the labs are distracted by supporting both local execution and non-coding users, and that the future will be model-agnostic—companies won't want all their eggs in one lab's basket. A big split emerged around pricing and self-hosting: a vocal group refused to consider it unless they could run it on their own VPS or the code was open-sourced, while others defended the model by pointing out the per-second billing and microVM snapshotting makes parallel agent threads vastly cheaper than spinning up ten VPS boxes. There was also genuine excitement from people frustrated with the overhead of running multiple app instances on a laptop, and a few detailed tangents from users building competing OSS tools in the same space.
NSA using Anthropic's Mythos for cyber attacks [comments]
82 points · 27 comments · www.ft.com · 11h ago
The linked article wasn't available to this summarizer; from the discussion, the FT story claims Anthropic has embedded around half a dozen engineers inside the NSA to customize its "Mythos" model for offensive cyber operations, specifically targeting networks in China and Iran. The HN crowd immediately tore into the reporting, calling the headline wildly editorialized and pointing out the article offers no evidence of an actual operation, only a single anonymous source saying Mythos *would be useful* for that purpose. People argued this is either pure speculation or marketing, not news, and noted the logic that "the best defense is a good offense" is a standard justification that reveals nothing. Several folks were less surprised by the NSA using AI and more worried about the agency's long history of warrantless surveillance and targeting its own citizens, with one commenter quipping that they'll just "outspurce" to psychopaths who have no ethical limits.
Generated 2026-06-05 08:40 UTC
Generated by Sauron from Hacker News discussions and linked articles.