Ask stories

Curious whether AI tooling are making engineers more productive with more free time or more productive with even less free time.

Lately, I’ve noticed a new trend on X: Devs (and indie hackers in particular) are ditching cloud providers and jumping straight to bare-metal servers like Hetzner.

Honestly, I think the big cloud companies just haven’t kept up. Their services feel clunky compared to the standalone alternatives. Just try comparing Vercel’s dev experience to Amplify’s, and you’ll see what I mean. On top of that, AWS has gotten way stingier with startup credits.

Put those two together, and it’s no surprise fewer people are hosting their MVPs on AWS. It’s tough to stay under $150/month with a database and a server, while on bare metal you can grab 16 GB RAM for around $20/month.

- Do you think the cloud is actually losing ground? - And for those using bare-metal: how do you handle DB backups, CI/CD, and pulling logs? - Would you scale something using bare-metal servers?

[Carlos](https://github.com/clostao)

What are you working on? Any new ideas that you're thinking about?

This past Friday afternoon, a member in our Discord server reported a phishing email pointing to a fake login page.

We took up to research it and because of clumsy decisions by the attacker we got their GitHub and their operational Telegram bot.

Screenshots: https://imgur.com/a/FTy4mrH

Sometimes the attacker incompetence can be a defender's best weapon ¯\_(ツ)_/¯

The phishing page was a standard clone of an "email", unbranded anf generic service. A bit of gobuster reconnaissance and we got the site's .git directory publicly accessible and listing its contents.

Inspecting of the requests also got us the first Telegram bot token. This is the digital equivalent of leaving the blueprints to your entire operation, including past versions and deleted files, lying on the front lawn.

We pulled the repository, found automated deployments and multiple fake pages with different hardcoded Telegram bot tokens and Chat IDs.

With the source code, repo and the active Telegram bot token, we filed detailed abuse reports:

- GitHub: We reported the repository containing the phishing kit's source code. It was taken down for violating TOS.

- Telegram: We reported the bot using the provided token and chat ID, leading to its removal.

- Hosting Provider: The malicious site was reported and taken offline.

Lesson learned? Never deploy a .git folder to production. Even if you are a criminal.

Acknowledgement: This was a collaborative effort by members of the BeyondMachines Discord community. The crowdsourced speed and collaboration helped us take this down very fast.

One big problem I have with pomodoro apps: they disappear. Even when the timer's running, I forget about it.

So I built a macOS app that runs as a persistent, always-on-top sidebar. When you collapse it, it becomes a 3px colored progress bar.

That constant visual reminder helps my time-blindedness stay on track.

Curious if anyone else struggles with the same thing.

Looking for some inspiration for some books to read during the Christmas holidays

Complete MCP traffic analysis tool with desktop app for Mac, Windows GitHub: https://github.com/mcp-shark/mcp-shark Web: https://www.mcpshark.sh/

Signing up for classes and I am debating between a Natural Language Processing class and a LLM engineering class. Which one is the better option? I feel like there’s been a lot of recent discourse about LLMs becoming irrelevant in the near future.

Natural Language Processing: Introduces the computational modeling of human language; the ongoing effort to create computer programs that can communicate with people in natural language; and current applications of the natural language field, such as automated document classification, intelligent query processing, and information extraction. Topics include computational models of grammar and automatic parsing, statistical language models and the analysis of large text corpora, natural language semantics and programs that understand language, models of discourse structure, and language use by intelligent agents. Course work includes formal and mathematical analysis of language models and implementation of working programs that analyze and interpret natural language text. Knowledge of statistics is helpful.

Engineering LLM-Integrated Systems: Studies the software engineering foundations for systems that integrate large language models (LLMs). Examines how LLM-integrated systems turn natural language instructions into actions. Offers opportunities to build systems with natural and fluid interfaces, integrate them with existing software, rigorously test their behavior, and understand their failure modes and limitations.

Not sure which one will be more helpful! For context I am a data science major but interested in working in machine learning in the future!

We now have IG/TikTok/YT Shorts. First it was mails instead of letter, text/fb instead of mails, then images, then videos, now shorter videos. We might also fill in for the other senses, not sure, but then that's the end of the line.

There is no reason to assume that things will change direction, unless there is some force that makes it so. I am trying to think of a scenario where people would do more of something archaic like reading in the future, than they do now.

What could that be? I can't come up with anything. Does it matter? Can we be fine without reading?

literal shower-thought i had tonight as i was thinking about how at work we all don't like dealing with our helm charts because the syntax and structure ends up looking so ugly and it just feels wrong (not to mention the multiple different approaches of handling kubernetes resources in multiple different pipelines.

i try to see beyond any initial repulsion to weird looking code because i know that it may be super functional. but it got me thinking: what makes code beautiful? what makes code "high quality"? (other than that it results in a working, performant, and robust software program obviously).

so i'm curious -- can you show me the best code you've encountered? it can be a small snippet or it can be a "slice of a library" or an architecture etc. have you written anything yourself that you are super proud of?

I keep finding myself commenting on threads and then forgetting to check back. HN doesn’t have built in notifications, so I’m curious how people here actually keep track of discussions they are part of.

What’s the best workflow you’ve found to follow active conversations without missing replies?

Race condition, producer consumer, and cool stuffs like that? I do java

I was recently laid off at a big tech company after 10 years. And now I am facing the harsh reality of trying to crack leetcode medium/hard problems (something I never managed to do routinely while I was working at this company). Is anyone here in a similar situation or has been in one? If so, how do you keep yourself motivated to solve multiple problems a day, especially knowing you are actually never going to work on such problems as part of an actual job?

Edit: I need to practice leetcode because the interview process for almost every software engineering role (especially in the Bay Area) seems to require going through at least one round of coding challenge based on leetcode medium/hard problem. I did not call it out earlier because I thought this is a very obvious point. Perhaps, I should have clarified that I am mostly targeting software engg roles.

Only two kinds of engineers climb the success ladder in today's cut-throat IT environment (especially in India):

1. The people pleaser types who know how to use the right technical vocabulary, massage the ego of superiors, attend parties, etc. They typically grow into project managers and IDU heads.

2. The dependency creator types who isn't just a nerd but also knows how to keep control of their systems in their own hands, share only little or ambiguous information rather than open source all knowledge, maybe even fake bugs every now and then to signal who really controls the show, etc. These grow into software architects, CTOs and other roles.

If you aren't one of these two types, a long-term career in corporate IT isn't really for you. You might gain some experience for a while but eventually end up being used or becoming punch bags for these other two types.

Whatever I do and learn no progress is going to happen in my country(nepal).

There is no benefit of having merit in Nepal. Private jobs are already low paying. Remote jobs do not come generally to Nepal.I see remote jobs love India and south east asia. I do not get the point of remote job if they are hiring from specific country. The only thing I can do in nepal is public service commission (civil services) and crack computer engineer. But the pay is meagre there as well, unless I am lucky enough to enter central bank of Nepal(NRB).

Honestly, it feels like I am pushing not just a wall but universe itself in Nepal. Because nothing is going to happen irrespective of my abilities. I am currently preparing for PSC and I do not believe I will be happy as a PSC engineer even if I end up at NRB(central bank).

Something feels missing inside me. I have took countless therapies and what not. They helped me a lot to be where I am at now. I feel scared to try opportunities out of my comfort zone (kathmandu is my comfort zone).

As an adult, nobody pushes you, you have to push yourself. I am in a serious deadlock internally. I can decrease the effect using yoga and meditation but that does not troubleshoot the cause. Personally, I want to pursue something academic away from nepal. I believe that would provide me the much needed confidence in my life.

As a tech parent I think one of the best things I did for both my son and daughter was for their first computer to help them to build and setup their own Linux computer (It was Ubuntu back then but they’ve both moved themselves to Arch these days).

We went together and bought a second hand desktop (exciting the people selling to us also) and when I got home I pulled out the Ram, HD and CD drive and set them aside; and then together with a screwdriver we “built the computer” over a few days.

In windows when a child goes searching the web for a “movie maker for windows” they are going to be in a world of hurt either finding expensive commercial options or super scammy sites promising the world.

By comparison on Linux if they search the local “app store” they’ll find stacks and stacks of free, useful, open licensed software.

My kids loved the power, freedom and later unexpected community this bought them.

Now my friend wants the same for their daughter who is 8 years old.

I’m planning to do the same and go with her parents and her and buy a second hand desktop together and then put Linux on it.

My question is where would you go from there? What suggestions do you have? What to install? Any mini “curriculums” or ideas?

Would love to hear your ideas and experiences. Linux with free and open software is the goal and focus.

I’ve been asking myself this question a lot lately because I’m pursuing a CS degree but I’ve been second guessing my decision because all I ever hear about now is people either getting laid off or new graduates having a hard time landing entry level roles, never mind the AI of it all not that I believe it is a feasible replacement for actual programmers but at the same time it’s hard to tell if it has the potential to be that later on. I’m still a couple years shy of graduation but it doesn’t seem like enough time for things to improve if ever.

Just saw the CEO of Substack celebrating traffic from X/Twitter shooting up thinking they stopped suppressing tweets with links[0]. Actually, this traffic is because now any time you open a tweet with a link, the in-app webview loads in the background, and displays when you press the link.

I run an ecom store that gets a lot of its customers from Twitter. I was also shocked to see my traffic double or triple overnight and thought the algorithm had blessed me and my business. Soon realized what was actually happening. Thought other traffic-monitors might appreciate this explanation.

Meanwhile Nikita Bier is pretending they never suppressed tweets with links to begin with, offering the alternative explanation: "a common complaint is that posts with links tend to get lower reach. This is because the web browser covers the post and people forget to Like or Reply. So X doesn't get a clear signal whether the content is any good"[1]. A bit of a rewriting of history since Elon and his mom both tweeted about how it wasn't fair to use his platform to promote other links/platforms, even banning people who shared profiles of other social networks (including Paul Graham for a period). They suppressed all links shortly after.

[0] https://x.com/cjgbest/status/1985464687350485092

[1] https://x.com/nikitabier/status/1979994223224209709

Please state the location and include REMOTE for remote work, REMOTE (US) or similar if the country is restricted, and ONSITE when remote work is not an option.

Please only post if you personally are part of the hiring company—no recruiting firms or job boards. One post per company. If it isn't a household name, explain what your company does.

Please only post if you are actively filling a position and are committed to responding to applicants.

Commenters: please don't reply to job posts to complain about something. It's off topic here.

Readers: please only email if you are personally interested in the job.

Searchers: try https://dheerajck.github.io/hnwhoishiring/, http://nchelluri.github.io/hnjobs/, https://hnresumetojobs.com, https://hnhired.fly.dev, https://kennytilton.github.io/whoishiring/, https://hnjobs.emilburzo.com, or this (unofficial) Chrome extension: https://chromewebstore.google.com/detail/hn-hiring-pro/mpfal....

Don't miss this other fine thread: Who wants to be hired? https://news.ycombinator.com/item?id=45800464

I have spent the last few days trying (and failing) to find real cases where AI agents actually scale in production. Outside of coding agents and dev-productivity tools, I am struggling to see anything that looks like a genuinely scalable agent system.

Most of what people are calling “agents” today are basically deterministic workflows with one or two LLM calls glued together. That is not an agent. That is a at best API pipeline.

So I am genuinely curious: are there any real examples of agents handling large, messy, multi-step workflows at scale? Not demos, not toy projects, not VC decks.

Is anybody still using TUI applications for business?

My family company is a wholesale distribution firm (with lightweight manufacturing) and has been using the same TUI application (on prem unix box) since 1993. We use it for customer management, ordering, invoicing, kit management/build tickets, financials - everything. We've transitioned from green screen terminals to modern emulators, but the core system remains. I spent many summers running serial and ethernet cables.

I left the business years ago to become a full time software engineer, but I got my start as a script kiddie writing automations for this system with Microsoft Access, VBA, and SendKeys to automate data entry. Amazingly, they still have a Windows XP machine running many of those tasks I wrote back in 2004! It's brittle, but cumulatively has probably saved years of time. That XP machine could survive a nuclear winter lol.

I recently stepped back in to help my parents and spent a day converting many of those old scripts to a more modern system (with actual error-handling instead of strategic sleep()s and prayers) using Python and telnetlib3. I had a blast and still love this application. I can fly around in it. Training new people was always a pain, but for those that got it—they had super powers.

This got me thinking: Are other companies still using this type of interface to drive their core operations? I’m reflecting on whether the only reason my family's business still uses this system is because of the efficiency hacks I put in place 20+ years ago. Without them, would they have been forced to switch to a modern cloud/GUI system? I’m not sure if I’m blinded by nostalgia or if this application is truly as wonderful as I remember it.

I’d love to hear if and how these are still being utilized in the real world.

P.S. The system we use was originally sold by ADP and has had different names (D2K, Prophet21). I believe Epicor owns it now (Activant before).

P.P.S. Is anybody migrating their old TUI automation scripts to a more modern framework or creating new ones? I’m super curious to compare notes and see what other people are doing.

I am a software engineer with about 20 years of experience, and lately I have felt a bit lost about what to do going forward.

For the context, I have always been passionate about software engineering, I started very young and have worked in it non stop every since. I mostly worked broadly in web development and have pretty-much mastered all areas and layers of the stack (infra and cloud, databases, backend, network, front-end and even a bit of mobile...). I've also been an indie game dev on my free time ever since.

For the last 5~10 years I have not been evolving or learning anymore in my daily job, and feel that I've basically seen everything. It only feels repetitive, and as I've lived through many tech bubbles, I don't get much interested in the major trends because the fundamentals are the same and everything old gets new again.

Over the years, I've worked in many companies, from big ones to fresh startups, B2B and B2C, in direct and as a contractor as well as web dev agencies. I've also found out that while I like tech leading and the various design and spec phases of software, I don't like managing people. I do not want to evolve as a CTO either because of those reasons and the endless meetings. But the industry seems to think that the normal path forward is to quit being a developer and manage people instead, which is a totally alien idea to me because it involves completely different skills and knowledge.

I am now at a step in my career where I find it impossible to find a company where my knowledge and experience is really valued and useful. I'm often the most senior, more than even the managers and CTOs, but have less power or influence and am just another cog in the machine. I see the mistakes being made and know what it will cost (because I've been there and done that many times), I do my best to explain that and recommend alternatives, but more often than not it still happens anyway.

I've long considered switching to game dev professionally since I find that it has a lot more fun and interesting challenge, and I yet have lots of things to learn there. But as a husband and a dad, the reputation of the industry (low salary and crunch time) makes it difficult to seriously consider. I'm now thinking that freelancing my be my best bet going forward, and then explore and build things from here.

I know that there are more senior (30, 40+ years...) people around here, so I'm curious to hear your experiences. Did you ever feel the same way, what did you do and how did you finally find a satisfying daily job?

Theoretically, what would be the downside of replacing expensive CEOs with AI agents?

Not many job openings available, pay is bad etc - that seems to be the current reality of the job market.

Those who are currently (or recently) interviewing, got job offers - what was the process like? Ignoring the FAANG companies for a second - how has the hiring process changed in the last 1-2 years, in the era of AI?

Are we still forced to solve leetcode type problems? Take home exercises? Could you please share your experience? Especially for mid-to-senior level programmers

As I understand, the popular consensus today is that nginx+php-fpm performs faster than apache even with the mpm_event process management enabled?

But when it comes to real world usage, many production instances I observe these days still deploy apache a lot. Even cpanel based web hosting (shared or dedicated instances) are more often apache based than nginx.

Is it due to some old habits and dependence on apache specific features like .htaccess support? Or is it the case that apache has actually caught up in the race with ngnix and the performance difference is quite negligible these days?

I'm a junior. Truth be told, I don't really care if professionals/adults see my code or pick it apart/mock it/fork it or whatever. All my repos are private just because I worry about other students being lazy and just ripping my hard work and claiming it as their own. That really pisses me off when I hear some horror stories like that.

Is this unfounded? Or do I have a right for some concern? It's obviously easier for viewers to just see public code repos and browse without ever requesting access so I know I'm losing some traffic (from my portfolio site)

I was thinking the alternative would be just linking my demo on my portfolio site as a proof of concept that yes I made it, yes it works, and if you're curious , here's a link to the code u can request independently of github.

Thank you in advance.