2025-05-27

43 篇热帖

1. Square Theory (aaronson.org)

The story starts in Crosscord, the crossword Discord server. Over 5,000 users strong, the server has emerged as a central hub for the online crossword community, a buzzing, sometimes overwhelming, sometimes delightful town square where total noobs, veteran constructors, and champion solvers alike come together to talk about words that cross each other.

2. Hacker News now runs on top of Common Lisp (lisp-journey.gitlab.io)

Hacker News was written in the Arc lisp dialect, a dialect created by Paul Graham. Arc was implemented on top of Racket, but that has now changed. HN runs on top of SBCL since (at least) September of 2024.But why? For performance reasons. I recently noticed that Hacker News no longer uses paging for long threads. In the past, when a discussion grew large, we had to click “More” to load the next page of comments, and dang would occasionally post helpful tips to remind us about this feature.

4. Duolingo CEO tries to walk back AI-first comments, fails (htxt.co.za)

Duolingo CEO Luis von Ahn keeps putting his foot in it when it comes to conversations about AI.

5. How a hawk learned to use traffic signals to hunt more successfully (www.frontiersin.org)

库珀鹰利用交通信号捕猎的观察记录

Dr. Vladimir Dinets,田纳西大学动物学助理教授,在《Frontiers in Ethology》期刊发表文章,记录了库珀鹰(一种北美中型猛禽)在城市环境中如何利用交通信号提高捕猎成功率。观察发生在家附近的十字路口:当行人按下过街按钮时,红灯持续时间延长,车辆排成长队,同时交通灯发出声音信号提醒盲人安全过街。

捕猎行为细节:库珀鹰在声音信号响起后,从隐蔽的小树中飞出,沿车辆队列低飞,利用汽车作为掩护,接近房屋前的鸟类群(如麻雀、鸽子等),发起突袭。鹰只有在车辆排队足够长、提供完整掩护时才攻击,这需要它理解声音信号与队列长度的关联,并依靠心理地图记忆猎物位置。

智能与适应能力:观察中的鹰是未成熟的冬季迁徙个体,但迅速学会了利用交通信号。这体现了库珀鹰作为少数成功适应城市的猛禽,通过智能应对复杂环境中的危险(如车辆、窗户),提高生存效率。

动物利用车辆的广泛现象:文章提到其他例子,如乌鸦用汽车砸开坚果、鸟类以移动车辆为掩护躲避天敌,但库珀鹰的行为更突出,它整合了人类交通信号系统,展示了高级认知和学习能力。

意义:这一观察强调了动物行为的灵活性和智能在城市生态中的重要性,库珀鹰通过创新策略克服城市挑战,维持种群生存。

6. The Myth of Developer Obsolescence (alonso.network)

AI isn't replacing developers, it's transforming them. Just as NoCode created specialists and cloud turned sysadmins into DevOps engineers, AI elevates engineers from code writers to system architects. The most valuable skill isn't writing code, it's designing coherent systems.

7. Owls in Towels (owlsintowels.org)

Wildlife rehabilitators often wrap owls in fabric so they can be weighed, treated, and fed. If not, the owls get in a flap.

8. Pyrefly vs. Ty: Comparing Python's two new Rust-based type checkers (blog.edward-li.com)

I'm Edward Li, a Computer Science and Physics student at the University of British Columbia!

Previously, I worked at Google/GCP scaling OpenTelemetry within first-party teams, at Codegen building software agents and language servers, at HP on high-performant remote work software, and at Nokia creating distributed testing frameworks for fiber optic systems.

I also play CTFs with MapleBacon and MMM, build rockets with UBC Rocket, organize logistics for nwPlus, and foster communities at Atelier/Socratica.

This blog serves as a collection of my thoughts, projects, and experiences over the years. Feel free to explore!

10. Show HN: Porting Terraria and Celeste to WebAssembly (velzie.rip)

Absurdly cursed mono webassembly hacks, and a journey to create a project that definitely shouldn't exist

11. I salvaged $6k of luxury items discarded by Duke students (indyweek.com)

At the end of the school year, a lot gets tossed by Duke students at my downtown Durham apartment building. This year I decided to dive in.

12. DuckLake is an integrated data lake and catalog format (ducklake.select)

DuckLake delivers advanced data lake features without traditional lakehouse complexity by using Parquet files and your SQL database. It's an open, standalone format from the DuckDB team.

13. Claude 4 and GitHub MCP will leak your private GitHub repositories (twitter.com)

根据提供的内容,标题声称“Claude 4 和 GitHub MCP 会泄露你的私有 GitHub 仓库”,但实际提供的正文内容与标题描述完全不符。

实际正文内容是一个网站错误信息,主要内容如下:

  • 状态:出现错误。
  • 建议:无需担心,建议重试。
  • 原因说明:某些与隐私相关的浏览器扩展可能导致在 x.com 上出现问题。
  • 解决方案:建议用户禁用这些隐私扩展后再次尝试访问。

总结:所给文本的主体是一个通用的网站访问错误提示,与标题所暗示的“AI模型泄露GitHub私有仓库”的技术安全问题无关。提供的内容并未包含任何关于Claude 4、GitHub MCP或仓库泄露的技术细节、证据或说明。

15. Lossless video compression using Bloom filters (github.com)

This repo contains a new way to use bloom filters to do lossless video compression - new_bloom_filter_repo/README.md at main · ross39/new_bloom_filter_repo

16. Show HN: PgDog – Shard Postgres without extensions (github.com)

PostgreSQL connection pooler, load balancer and database sharder. - pgdogdev/pgdog

17. TeleMessage Customers Include DC Police, Andreessen Horowitz, JP Morgan,Hundreds (micahflee.com)

💡Update May 26, 2025: I've published the source code for TeleMessage Explorer: a new open source research tool

I've been digging through the 410 GB of Java heap dumps from TeleMessage's archive server, provided by DDoSecrets. Here's a description of the dataset, some of my initial findings, details about an

18. Highlights from the Claude 4 system prompt (simonwillison.net)

Anthropic publish most of the system prompts for their chat models as part of their release notes. They recently shared the new prompts for both Claude Opus 4 and Claude …

19. Power Failure: The downfall of General Electric (www.gwintrob.com)

Power Failure by William Cohan chronicles the spectacular collapse of General Electric, once America's most valuable company. From a $600 billion giant to near-bankruptcy, GE's downfall reveals how financialization and imperial CEOs destroyed a 130-year industrial icon.

21. Yes-rs: A fast, memory-safe rewrite of the classic Unix yes command (github.com)

🚀 A blazingly fast, memory-safe rewrite of the classic Unix 'yes' command. Written in Rust! 🦀 - jedisct1/yes-rs

22. Why is everybody knitting chickens? (ironicsans.ghost.io)

A couple years ago, my wife began knitting. And when she takes an interest in something, she goes all in. She’s a perfectionist about learning a new craft, so in a short amount of time, she’s gotten pretty damn good. I can’t even pretend to know anything

23. Why Cline doesn't index your codebase (cline.bot)

Here's a common question we get from prospective Cline users: "How does Cline handle large codebases? Do you use RAG to index everything?"

It's a reasonable question. Retrieval Augmented Generation (RAG) has become the go-to solution for giving AI systems access to large knowledge bases. But for Cline, we've taken a deliberately different path. We don't index your codebase, and this choice isn't an oversight, it's a fundamental design decision that delivers better code quality, stronger securit

24. FromSoft's singular mech game Chromehounds is back online (www.readonlymemo.com)

The PvP mech battler is finally playable online in Xbox 360 emulator Xenia, and I talked to the modder making it happen.

25. Mistral Agents API (mistral.ai)

The most powerful AI platform for enterprises. Customize, fine-tune, and deploy AI assistants, autonomous agents, and multimodal AI with open models.

26. Get PC BIOS back on UEFI only system (github.com)

Get PC BIOS back on UEFI only systems. Contribute to CSMWrap/CSMWrap development by creating an account on GitHub.

27. LiveStore: State management based on reactive SQLite and built-in sync engine (livestore.dev)

LiveStore is a state management framework based on SQLite and event-sourcing. It’s designed for demanding applications and based on years of research.

29. The Difference Between Downloading and Streaming (danq.me)

Mostly to make use of an animation I made for a different blog post that hasn't materialised, let me take a moment to explain to you the fundamental technical difference between 'streaming' and 'downloading'. Which won't take long... because there isn't one!

31. Data breach exposes 184M passwords, likely captured by malware (www.zdnet.com)

The file was left entirely unprotected - no encryption, no password, no safeguards - just a plain text document holding millions of sensitive data entries.

32. Calendars, Contacts and Files in Stalwart (stalw.art)

We’re excited to announce the release of Stalwart v0.12, a significant milestone that evolves Stalwart from a powerful mail server into a complete, integrated communication and collaboration...

33. TSMC bets on unorthodox optical tech (spectrum.ieee.org)

TSMC partners with Avicena to develop energy-efficient microLED-powered optical interconnects, revolutionizing AI data centers with cost-effective optical solutions.

34. The UI future is colourful and dimensional (www.flarup.email)

On the return of texture, depth, and expressiveness in UI.

35. Revisiting the algorithm that changed horse race betting (2023) (actamachina.com)

Explore Bill Benter’s iconic horse betting strategy, enhanced with modern code and contrasted against three decades of evolving data.

36. Dr John C. Clark, a scientist who disarmed atomic bombs twice (daxe.substack.com)

科学家约翰·克拉克两次解除核弹引信

1952年5月13日,美国内华达试验场进行“翻滚-狙击手”战术核武器测试。代号“狐狸”的15千吨当量核弹未能按计划起爆,滞留在300英尺高的测试塔顶,对周围数英里范围构成严重威胁。

作为原子能委员会测试负责人,约翰·克拉克博士面临解除引信的艰巨任务。他带领工程师赫布·格里尔和巴尼·奥基夫攀爬塔架(电梯已拆除),进入装有故障核弹的测试舱。通过内部电话连线控制中心进行实时汇报后,克拉克徒手拆解马克V型核弹外壳,逐步解除包括新型钋-铍中子发生器在内的内部点火系统。尽管核爆风险已排除,但装置内仍存有足量常规炸药。

值得注意的是,这已是克拉克第二次执行此类高危作业。1951年10月,在“破坏者-丛林人”行动中,他已成功解除代号“糖”的1.2千吨当量故障核弹。

事后调查发现,“狐狸”弹药故障源于配套仪表系统失效,该系统错误地覆盖了自动发射序列。12天后(5月25日),修复后的“狐狸”弹药成功起爆,约500名军事观察员和950名装甲步兵在前沿阵地记录了爆炸效应。

克拉克作为原子能委员会首席起爆专家,职业生涯中亲手引爆的核武器数量超过绝大多数同行。完成这次36小时连续作业后,他返回基地休息。

37. Just make it scale: An Aurora DSQL story (www.allthingsdistributed.com)

AWS Senior Principal Engineers, Niko Matsakis and Marc Bowes, take us inside Aurora DSQL's development: scaling write operations without two-phase commit, overcoming garbage collection hurdles, and embracing Rust for both data and control planes.

38. Trying to teach in the age of the AI homework machine (www.solarshades.club)

Trying to teach in the age of the AI homework machine.

39. Accessing private GitHub repositories via MCP (invariantlabs.ai)

We showcase a critical vulnerability with the official GitHub MCP server, allowing attackers to access private repository data. The vulnerability is among the first discovered by Invariant's security analyzer for detecting toxic agent flows.

40. The Art of Fugue – Contrapunctus I (2021) (www.ethanhein.com)

JS Bach’s last set of works, collectively titled The Art of Fugue, was published shortly after his death. It was not a big hit. Dense counterpoint was deeply unfashionable at that time, as We…

41. Creating Debian packages from upstream Git (optimizedbyotto.com)

In this post, I demonstrate the optimal workflow for creating new Debian packages in 2025, preserving the upstream Git history. The motivation for this is to lower the barrier for sharing improvements to and from upstream, and to improve software provenance and supply-chain security by making it easy to inspect every change at any level using standard Git tooling.\nKey elements of this workflow include:\nUsing a Git fork/clone of the upstream repository as the starting point for creating Debian packaging repositories. Consistent use of the same git-buildpackage commands, with all package-specific options in gbp.conf. DEP-14 tag and branch names for an optimal Git packaging repository structure. Pristine-tar and upstream signatures for supply-chain security. Use of Files-Excluded in the debian/copyright file to filter out unwanted files in Debian. Patch queues to easily rebase and cherry-pick changes across Debian and upstream branches. Efficient use of Salsa, Debian’s GitLab instance, for both automated feedback from CI systems and human feedback from peer reviews. To make the instructions so concrete that anyone can repeat all the steps themselves on a real package, I demonstrate the steps by packaging the command-line tool Entr. It is written in C, has very few dependencies, and its final Debian source package structure is simple, yet exemplifies all the important parts that go into a complete Debian package:\n