Ask stories

Hi everyone I saw zig is and intresting language I am learning it and also making a transpilied High level language over it I want some help with developing syntax. in my lang there are three types of var declaration 1) using local keyword this are added in arena of the specific function. 2) using let keyword this are on stack but i am finding solution to make strings easier here. 3) manual memory but my transpiler will automatically use defer keywords so they are safe and delete once block exit 4) using unsafe direct fully manual memory management but still my transpiler will not let compiler till once in code the are freed.

Why are they behaving like this since last year (trying very hard to burn themselves to the ground)

Latest example:

Microsoft Office renamed to “Microsoft 365 Copilot app” (https://news.ycombinator.com/item?id=46496465)

Not only the rename is absurd, but the page (office.com) looks heavily vibe-coded

Hi HN,

We are working on a document vault designed for people and organizations who cannot accept cloud exposure.

The system is intentionally boring in some ways: • No required accounts • No cloud dependency for core functionality • Fully offline operation • Local encryption • Air-gapped storage • Encrypted export and controlled, encrypted printing

The printing piece is why we started this. In many environments, printing is still unavoidable, and it remains one of the largest data-leak vectors. Most privacy tools stop at storage and ignore output entirely.

This is not meant to replace cloud storage for everyone. It is for cases where the threat model assumes: • Networks are hostile • Cloud accounts will eventually be compromised • Convenience must sometimes be traded for control

We are explicitly not claiming: • “Unhackable” • “Military-grade” • “Zero risk”

We are trying to minimize attack surface and failure modes, not eliminate them.

We would genuinely value feedback on: • Threat model blind spots • Encrypted printing assumptions • Physical access risks • Update and key management strategies • What would make you immediately distrust this

If this sounds like something you would never use, that is also useful feedback.

Thanks.

Share your information if you are looking for work. Please use this format:

  Location:
  Remote:
  Willing to relocate:
  Technologies:
  Résumé/CV:
  Email:

Readers: please only email these addresses to discuss work opportunities.

There's a site for searching these posts at https://www.wantstobehired.com.

I often have 5-10m gaps. It’s too easy to waste this time.

What things do you like to do in these increments?

For instance, learning a new skill, getting slightly better at something, reading high quality content.

Edited to clarify that I don’t mean phone-specific activities!

Please state the location and include REMOTE for remote work, REMOTE (US) or similar if the country is restricted, and ONSITE when remote work is not an option.

Please only post if you personally are part of the hiring company—no recruiting firms or job boards. One post per company. If it isn't a household name, explain what your company does.

Please only post if you are actively filling a position and are committed to responding to applicants.

Commenters: please don't reply to job posts to complain about something. It's off topic here.

Readers: please only email if you are personally interested in the job.

Searchers: try https://dheerajck.github.io/hnwhoishiring/, http://nchelluri.github.io/hnjobs/, https://hnresumetojobs.com, https://hnhired.fly.dev, https://kennytilton.github.io/whoishiring/, https://hnjobs.emilburzo.com, or this (unofficial) Chrome extension: https://chromewebstore.google.com/detail/hn-hiring-pro/mpfal....

Don't miss this other fine thread: Who wants to be hired? https://news.ycombinator.com/item?id=46466073

## My Implementation

I'm using a 64-bit layout:

- Bits 63-51: Quiet NaN signature (0x7FFC...)

- Bits 50-18: 32-bit payload (integers, string pool indices, etc.)

- Bits 17-3: Unused/ (15 bits)

- Bits 2-0: 3-bit type tag

So it allows me to have 5 tagged types: `TRUE_VAL`, `FALSE_VAL`, `STRING_VAL`, `CALLDATA_VAL`, `U32_VAL`

This is for a domain-specific VM I'm building for programmable task management (think "Vim for todo apps" - small core with scriptable behaviors). The VM is stack-based with:

- String pooling & instructions pooling (indices stored as NaN-boxed values) - Call stack for task instructions execution.

code is here : https://github.com/tracyspacy/spacydo/blob/main/src/values.rs

I would link to an image on YouTube, but a) I don't want to be posting porn and b) I suspect it's an intermittent image where someone is tricking YouTube to distribute pron-ish images for the LOLZ, maybe just to see if they can get past their filters.

So... a) yes, whoever you were, you were able to get porn past Alphabet censors, b) it's constructed in such a way with gaps and splotches that I could believe it would get past an AI filter, c) does Alphabet care about receiving reports of such things? I suspect their response would just be "thank you for bringing this to our attention. we make every effort to provide a positive environment for our users...", d) it does not, thankfully, appear to be child porn, e) it appeared as a still image attributed to Sv Plumbing.

Aside from the irony of salacious images slipping past a corporate behemoth claiming near infinite machine learning and human moderator powers, I'm vaguely interested in how this happened. If it can happen with porn, it can happen with any type of image. Perhaps nuclear secrets are being exfiltrated to North Korea and Iran by way of AdWords as we speak! (though I can think of easier ways to steal nuclear secrets.) Does this imply Alphabet is less about humans and more about AI these days?

Just curious.

RevisionDojo is a YC-backed test prep company ($3.4M raised) that sells International Baccalaureate (IB) test prep. Over the past year, users on r/IBO sub-reddit have documented a pattern of unethical marketing practices:

*Astroturfing:* Coordinated campaigns where accounts pose as students sharing "cheatsheets" and "predicted exam leaks." Other accounts then upvote, leave supportive comments, and ask follow-up questions—creating the illusion of organic student excitement. Multiple threads have exposed this pattern [1][2][3].

*Paid fake posts:* High school students report being offered payment to write promotional Reddit posts [4].

*Pressuring critics:* Users who post negative reviews report being contacted directly by company representatives, told it's "a shame" they're posting publicly [5]. Critical comments receive coordinated mass downvotes [6].

*Soliciting copyrighted materials:* They use TikTok influencers and fake reddit posts to persuade students to sell them official IB exam papers, violating IB policies [7].

The r/IBO moderators are actively investigating [8].

These practices appear to be working great for them. Recently, they acquired OnePrep (oneprep.xyz), a free SAT prep tool that was already popular on r/sat. Since the acquisition, the same manipulation tactics have been deployed at scale: 150 Trustpilot reviews in a window of a few days [9], and widespread coordinated Reddit manipulation—multiple accounts posting "tips" that recommend Oneprep, coordinated upvoting, and fake enthusiasm in comments. The most prominent example was a 2,000+ upvote post removed by moderators for manipulation, but it's part of a sustained campaign across the subreddit.

*Sources:*

[1] https://www.reddit.com/r/IBO/comments/1p55qun/ [2] https://www.reddit.com/r/IBO/comments/1jsb00a/ [3] https://www.reddit.com/r/IBO/comments/1ohcohi/ [4] https://www.reddit.com/r/IBO/comments/1p55qun/comment/nqmhal3/ [5] https://www.reddit.com/r/IBO/comments/1my1ajx/comment/na94upv/ [6] https://www.reddit.com/r/IBO/comments/1my1ajx/comment/na8zvs4/ [7] https://www.reddit.com/r/IBO/comments/1mej900/ [8] https://www.reddit.com/r/IBO/comments/1my1ajx/comment/nagdkl5/ [9] https://www.trustpilot.com/review/oneprep.xyz

I’m researching patterns for edge / gateway telemetry where the network is unreliable (remote sites, industrial, fleets, etc.) and you need offline buffering + bounded disk + replay once connectivity returns.

Questions for folks running this in production:

What do you use today? (MQTT broker + ??, Kafka/Redpanda/NATS, Redis Streams, custom log files, embedded DB, etc.)

Where do you buffer during outages: append-only log, SQLite/RocksDB, queue-on-disk, something else?

How do you handle backpressure when disk is near full? (drop policy, compression, sampling, prioritization)

What’s your failure nightmare: corruption, replay storms, duplicates, “stuck” consumer offsets, disk-full, clock skew?

What guarantees do you actually need: zero-loss vs “best effort” (and where do you draw that line)?

What metrics/alerts matter most on gateways? (queue depth, replay rate, oldest event age, fsync latency, disk usage, etc.)

I’d love to learn what works, what breaks, and what you wish existing tools did better.

If I'm writing a new lightweight application that requires LLM-based text completion to power a feature, is there a standard way to request the user's operating system to provide a completion?

For instance, imagine I'm writing a small TUI that allows you to browse jsonl files, and want to create a feature to enable natural language parsing. Is there an emerging standard for an implementation agnostic, "Translate this natural query to jq {natlang-query}: response here: "?

If we don't have this yet, what would it take to get this built and broadly available?

I built Gitmore. Connects via webhooks, tracks commits and PRs, and gives you one dashboard. AI answers questions about activity, sends weekly reports to Slack/email. Connect agent to slack which answers your questions directly from your workspace. https://gitmore.io (free for 1 repo).

Logi Options+ stopped working on macOS.

Because core settings depend on the app, I can't even change mouse acceleration, not just macros or shortcuts. Without the software, the mouse is basically unusable.

If hardware requires software to function, that software failing because of a missed cert renewal is pretty unacceptable.

Frasier is one of my favorite shows of all time. I love the characters, the writing, the acting, the whole kit and kaboodle.

I've been watching it on Prime and it's been driving me insane how drivel and nonsensical their season and episode AI overviews are.

Here is the overview for season eight:

  In the eighth season of Frasier we meet Daphne and Niles post elopement and dealing with Donny suing Daphne. Meanwhile, Frasier reluctantly becomes 'mentor' to station KACL's young new owner, Silicon Valley billionaire Kenny Daly

What is going on? Amazon's a billion fucking dollar company. Just pay for IMBD's overviews. Oh, that's right, Amazon owns IMDB because of course they do.

I am so sick and tired of this AI slop infecting everything.

Doing research is extremely frustrating these days. I feel like either I'm going nuts or search has been nerfed.

My search queries are frequently misinterpreted. Google, bing, duckduckgo have a strong recency bias and don't surface older webpages.

These problems get worse for niche and technical topics. I can't even find existing webpages that I know I've found / read about in the past.

What's going on? Why is the modern search experience so frustrating?

With rings, bands and sunglasses interface are popping up from various companies. Anyone trying to build software for it?

I'm looking for some books to help me practise and refine my skills as a developer and Engineer.

I'm currently working in python on a django project, working in a financial domain. I lead a few engineers and direct/manage some projects. But I feel like I'm missing out on something when I read about people making things in zig and rust, or how they apply some numerical modelling techniques to certain problems, plus the new technologies being developed. I feel like I'm very much not knowledgeable or distinguishable enough, so I want to refine my skill a bit and maintain "sharp" in case of something happening and i need to find a new job quickly. And i want to make sure that I'm learning all that I could be learning in my current position.

Some previous books I've read / enjoyed:

* The makings of an Expert Engineer * Designing data intensive applications (haven't finished, moved house and lost the book, want to pick it up again) * Designing Elixir Systems with OTP * Practical Common Lisp

I feel like I have learned a bit with the Elixir/CL books, inwhich I apply to how i write python, but I never branch out to doing my own projects in these languages, so I feel like I'm missing out on utilizing these tools fully.

Is there anything to read that could take me to the proverbial next level?

In small teams(~10), a lot of important work is recurring and operational: checks, reports, maintenance, follow-ups.

These tasks are rarely complex, but they’re easy to forget or assume "someone did it".

How do you assign and track recurring work in a small team?

Do you: - use task managers? - calendars? - informal routines? - just trust it gets done?

What actually works long-term?

Hey everyone

I usually listen to lo-fi while working or coding, so I made a small side project to collect the kind of lo-fi music I actually use.

It’s free to listen to, built with free music, and I coded it using React.

Nothing fancy — just something simple for focus and background vibes.

If anyone’s interested:

https://indiegoodies.com/lofi

Would love any feedback

I’ve been thinking about practical ways people reuse spare or unused Android devices instead of letting them sit in a drawer.

I’ve seen cases where phones are used for testing, monitoring, background tasks, or other always-online purposes after a one-time setup. No user interaction, just keeping the device connected and running.

Curious what real-world use cases others have actually found useful. Are there setups that worked well long-term, or things to avoid?

Not trying to promote anything here — genuinely interested in how people approach this.

Does an OS exist that provides a user with a private session. I mean no history, logging or tracking? I'm a journalist working on a sensitive story and need complete safety/secrecy. I already have TOR for internet but was wondering if there is a completely private OS.

Hello everyone, I have spent a decade in software testing and QA. I see Al taking over the field very fast. I want to prepare for the next five or ten years. According to you how the software testing field will evolve in the future? What should I prepare for it?

SWE with 10+ years of experience, I've shipped great products and worked commercially with Ruby/Rails, Node.js, TypeScript, and Golang.

I'm open to learning new languages.

I'm UK-based and have been struggling to secure a good remote role for an extended period.

I'm hardworking and bring substantial experience and strong execution skills. I can also handle management functions.

Is anyone else going through the same? Any help understanding why this is happening would be greatly appreciated.

Github https://github.com/shellandbull

Linkedin https://www.linkedin.com/in/mario-gintili-software-engineer/

Email code.mario.gintili [at] gmail [dot] com

What is something you learned (or had to re-learn) in 2025? New skills, insights, life lessons that could be worth sharing with the rest of the forum.

For me: I've been forced to relearn how important sleep hygiene is and that it is something that can fall away slowly resulting in misery. Maintaining a consistent be time is a chore but one that does make for a happier life.

Hi HN,

I built ProjectCLI (@dawitworku/projectcli) — a universal interactive CLI for developers who are tired of juggling multiple project generators.

Problem: Setting up a new project often requires learning dozens of commands: create-react-app, cargo new, poetry new, laravel new, etc. It’s tedious, error-prone, and repetitive.

Solution: ProjectCLI lets you scaffold *any project in minutes*: - Multi-language support: JS, TS, Python, Rust, Go, Java, PHP, C#, Dart, Swift, Ruby. - Multi-framework support: React, Next.js, Vue, NestJS, Express, Django, Flask, Actix, Axum, Rocket, Laravel, Symfony, Spring Boot, etc. - Interactive CLI with fuzzy search, smart defaults, and context awareness. - Preflight checks for missing tools. - Remote templates: clone any GitHub starter kit for instant scaffolding. - One-click CI/CD & Docker setup. - Non-interactive mode for automation or scripts.

Quick Start: ```bash npx @dawitworku/projectcli@latest # or globally npm install -g @dawitworku/projectcli projectcli Why I built it: I wanted a single tool that works across languages and frameworks, saves hours, and makes project bootstrapping fun and reliable.

GitHub: https://github.com/Dawaman43/projectcli

NPM: https://www.npmjs.com/package/@dawitworku/projectcli

I figured out this might be a good place to ask/raise this.

This is about the IBB program:

https://hackerone.com/ibb

A few months back, I reported two vulnerabilities that should get a $8000 payout or so. They got CVE numbers and got fixed months back.

It seems like the program is dead. Last report has been resolved 8 months ago. I have tried repeatedly to contact HackerOne through different channels, but got no response. This includes e-mailing the official IBB e-mail, e-mailing HackerOne people directly, reaching out through their forms and using mediation. There's total silence.

I searched social media for any mentions of this, but didn't see any communications.

It looks like the program is dead. The bounties are still being promised, but the reports are ignored - even for published CVE's that clearly do qualify for payouts according to the rules.

Does anyone know more about the situation? What shall be done here? Is the program dead?

I have a 6 year old daughter I want to get setup with a custom desktop. I am thinking about running a custom Linux distribution on an old iMac (form factor) and lock it down via custom DNS/keep it offline. Curious what you are running for your kids?

I have been an HN reader for over 10 years. For the past 3 days I have not been receiving any HN emails in my inbox. IIRC this is only the second time this has happened since I started reading HN posts. I prefer emails over jumping to the website. I am wondering if this is just happening to me or if others are experiencing the same issue as well.