New stories

The article discusses the technical challenges faced by the author in porting the game Shufflepuck Café to the Apple II, an 8-bit computer, including issues with memory limitations, graphics and sound limitations, and the need for optimization and creative programming techniques to overcome these constraints.

Claude Code forgets everything between sessions. After months of heavy use, I had 1.6GB of JSONL session files buried in ~/.claude/projects/. Architecture decisions, debugging breakthroughs, and solutions I couldn't find again. There’s nothing more annoying that solving the same problem twice.

I tried RAG pipelines and local vector DBs, but they added complexity for a problem that's really just text search over structured files. So I built search-sessions: a single Rust binary that searches your session history directly. No database, no indexing step, no dependencies.

It supports two modes: index search (~18ms) for finding the right session, and deep search (~280ms with ripgrep, ~1s without) for matching against full message bodies. Each result includes the session UUID so you can resume any conversation with `claude --resume`.

The design choice that makes it work: skip the database entirely. JSONL files are already structured — just search them fast. Under the hood it's just files and a CLI, so it's easy to inspect, backup, and delete. You install it as a Claude Code skill, then ask "do you remember that auth refactor?" and Claude searches your history and picks up the thread. It also works with OpenClaw.

MIT licensed. macOS and Linux:

brew install sinzin91/tap/search-sessions

or

cargo install search-sessions

Curious what people think about exact vs fuzzy vs semantic search as a default — and which other coding CLIs you’d like supported.

Joplin, an open-source note-taking app, announces the removal of its warrant canary, a statement indicating the app has not received any secret government requests. The removal of the canary suggests Joplin may have received such a request, though the details remain unclear.

The Mexican government has seized a large quantity of powerful .50 caliber ammunition, with the defense minister stating that nearly half of it came from a U.S. Army plant. This raises concerns about the flow of illicit weapons from the U.S. to Mexico, where drug cartel violence remains a major issue.

Hey HN,

Most of us want to run autonomous agents like OpenClaw locally, right on our daily-driver machines. We want them to actually interact with our files, our IDEs, and our real local workflows.

But doing that right now is a security nightmare. A hallucinating (or hijacked) agent with raw system access is basically local remote code execution waiting to wipe a directory or leak an SSH key.

The current workarounds are terrible:

The Hardware Air-Gap: Buying a dedicated Mac Mini or a secondary cheap laptop just to run agents safely.

The Cloud: Spinning up a VPS, which adds annoying latency, costs money, and completely kills the "local-first" advantage.

Containers: Shoving the agent in a Docker container. It’s clunky, and it completely lobotomizes the agent because it can no longer see or interact with your actual host OS where your real work lives.

I got fed up and built Raypher.

Raypher is a bare-metal security architecture specifically designed for AI agents. It lets you run agents directly on your host machine while keeping them on a cryptographically tight leash.

How the Alpha works under the hood:

Zero-Touch Interception: You don't have to rewrite your Python/Node agent scripts. Raypher currently uses transparent system proxy injection (netsh portproxy on Windows) to catch all agent traffic automatically.

Hardware Identity: We bind the agent's session cryptographically to your physical TPM 2.0 chip.

The Policy Engine: Every request is evaluated against strict budget, domain, and time-restriction policies. If it tries to phone home to a weird domain, it gets blocked. It also runs local DLP to automatically redact API keys or any sensitive information that you can custom to be redacted before they hit the stream.

We will distribute it as a single script that sets up the interception and launches a local Command Center dashboard so you can watch your agents get secured in real-time.

(Transparency note: The heavy kernel-level eBPF/WFP hooks are currently in development, but this proxy MVP proves the hardware-bound Policy Engine actually works).

join the waitlist/architecture is at raypherlabs.tech to be the first to be notified when we launch

Hey all, I built babyshark, a terminal UI for PCAPs aimed at people who find Wireshark powerful but overwhelming.

The goal is “PCAPs for humans”: Overview dashboard answers what’s happening + what to click next

Domains view (hostnames first) → select a domain → jump straight to relevant flows (works even when DNS is encrypted/cached by using observed IPs from flows)

Weird stuff view surfaces common failure/latency signals (retransmits/out-of-order hints, resets, handshake issues, DNS failures when visible)

From there you can drill down: Flows → Packets → Explain (plain-English hints) / follow stream

Commands: Offline: babyshark --pcap capture.pcap

Live (requires tshark): babyshark --list-ifaces then babyshark --live en0

Repo + v0.1.0 release: https://github.com/vignesh07/babyshark

Would love feedback on UX + what “weird detectors” you’d want next.

The article discusses a pull request for the openai-python library, which includes improvements to the library's performance and functionality, such as support for parallel requests and better error handling.

OpenAI is expanding its enterprise offerings by bringing in consulting services to help businesses integrate its AI technologies. The article discusses OpenAI's plans to provide advisory services and custom solutions to drive the adoption of its AI products in the corporate sector.

The article introduces Strands Labs, a new open-source project that provides experimental approaches to agentic development, allowing developers to explore state-of-the-art techniques in artificial intelligence and agent-based systems.

I have 2,600+ notes in Apple Notes and can barely find anything.

My kid just dumps everything into Telegram saved messages. Running a small research - curious what systems people actually use (not aspire to use).

Do you have a setup that works or is everything scattered across 5 apps like mine?

Hey HN,

I got tired of the friction in building and sharing wishlists. Most platforms (like Amazon) are either walled gardens or require arbitrary account creation for the people actually trying to buy the gift, which leads to huge drop-off and everyone just reverting to texting each other.

I built wish.dog to be the fastest possible execution of a wishlist utility. The goal was: "From intention to a shareable list in under 30 seconds."

The Challenges:

The hardest part was engineering the "claiming" system for guests without requiring authentication. I had to compromise by asking for email, but mostly I rely on local storage and session fingerprints. I focused heavily on mobile performance since 90% of list-sharing happens via WhatsApp or similar.

It's completely free. I'd love feedback on the performance, the gifter experience, and the overall UI snappiness. Happy to answer any questions about the stack or the build!

The article discusses Huntarr, a tool that can scan and discover passwords and entire stacks of self-hosted applications. It highlights the security risks associated with poorly secured self-hosted services and emphasizes the importance of proper configuration and access control.

VibeCheck is a Chrome extension that helps users track their online record and review reputation, allowing them to manage their digital footprint and protect their privacy.

The article discusses three content-blocking tactics to help users avoid mindless scrolling: setting screen time limits, using content blockers, and implementing 'focus mode' features. These strategies aim to help individuals regain control over their digital consumption habits and foster more intentional engagement with online content.

ArchivioMD + ArchivioID — Markdown file management, cryptographic post signing, and Git-anchored integrity for WordPress

In February 2023, a developer named James Tomasino wrote about signing blog posts with GPG keys and ended with one line:

"If you're using WordPress, you'll need to find some other path forward."

That sat unanswered for two years. I built the path forward — and the foundation it runs on. Two GPL plugins.

ArchivioMD solves a problem every WordPress site on managed hosting hits eventually: you need files at the site root security.md, privacy.md, disclosure.md, robots.txt and you have no FTP access to put them there.

The plugin manages 30+ predefined Markdown documents from the WordPress admin, writes them to wherever the server will accept them (.well-known/meta-docs/ site root uploads fallback), and serves them via WordPress rewrite rules so they appear at the correct URL regardless of physical location. Every document gets a UUID, a checksum, and an append-only changelog. No more one-off file placements nobody can audit or reproduce.

On top of that: cryptographic hash verification for posts (SHA-256 through BLAKE3, HMAC mode, hash_equals() throughout), external Git anchoring that pushes JSON integrity records to GitHub or GitLab via a persistent queue with exponential backoff, HTML rendering of Markdown files, compliance tooling, and sitemap management. ArchivioID is the OpenPGP signing extension. Authors sign posts locally with their own GPG key — private key never touches the server.

A badge appears on published posts. Any reader can verify with standard GPG tools, no WordPress required. Server-side verification handles Ed25519 via libsodium, RSA and ECDSA via phpseclib v3. Browser signing via OpenPGP.js for editors who aren't comfortable with a terminal. Full audit log with CSV export. The proof outlives the platform.

ArchivioMD (WordPress.org): https://wordpress.org/plugins/archiviomd

ArchivioMD (GitHub): https://github.com/MountainViewProvisions/archiviomd

ArchivioID (GitHub): https://github.com/MountainViewProvisions/ArchivioID/release... PHP 7.4+, WordPress 6.0+, phpseclib v3, OpenPGP-PHP, OpenPGP.js, libsodium, GPL-2.0.

I've built the MVP for a fintech app but i have not pushed it into agentic territory yet. How do you think about doing this with existing tools (recs?) against the accumulation of tech debt a technical partner will eventually have to unwind?

Hi HN,

I built Habitless because I found that most trackers focus on building new routines, but the psychological challenge of quitting an addiction (like nicotine, alcohol, or even social media) requires a different approach.

I wanted a high-precision dashboard that treats recovery like a mission. I just released an update that adds iCloud sync and milestone notifications.

Key features:

Precision Streak Counter: Tracks your progress down to the second.

Financial Savings: A real-time tracker showing exactly how much money you’ve reclaimed.

Privacy: No third-party tracking. All data is backed up via iCloud/CloudKit.

Milestone System: Psychological badges to gamify the recovery process.

I’d love to hear your thoughts on the UI or the iCloud implementation.

App Store: https://apps.apple.com/us/app/habitless-quit-addiction/id675...

The Intel Management Engine (ME) is a proprietary technology embedded in Intel CPUs that provides a separate computing environment with direct access to system hardware and memory. It has raised concerns about security and privacy due to its potential for remote administration and the lack of transparency in its functionality.

Break bad habits and track your recovery.

Break the cycle. Reclaim your freedom. Habitless is the science-backed tracker built specifically for the discipline of quitting. Whether it’s smoking, alcohol, vaping, or social media, Habitless provides the visual proof and psychological tools you need to stop addictions for good and stay sober. WHY HABITLESS? Most apps track new routines. Habitless tracks your freedom. By combining high-precision streak counting with real-time financial savings, we turn your recovery into a rewarding journey you can actually see.

KEY FEATURES • Precision Streak Counter: Track your sobriety down to the second. See exactly how long you’ve been habit-free with our emerald-on-black interface. • Financial Savings Tracker: See the real-world impact. Input your daily spend on cigarettes or drinks and watch your total savings grow in real-time. • Milestone Journey & Badges: Unlock 20+ psychological badges as you progress from "24 Hours Clean" to "Long-term Freedom." • Smart Notifications: Stay motivated with alerts the moment you hit a new milestone or savings goal. • iCloud Sync & Backup: Your progress is safe. All streaks and savings are automatically backed up and synced across your Apple devices. • Relapse Insights: Log triggers like Stress or Boredom to identify patterns and strengthen your defense for your next streak. WHAT YOU CAN QUIT: • Substances: Quit smoking, stop vaping, stay sober from alcohol, or track weed-free days. • Health: Cut out sugar, quit junk food, stop caffeine, or end binge eating. • Digital: Break social media addiction, stop mindless scrolling, or quit gaming. • Finances: Stop impulse shopping, gambling, or expensive daily habits. TOTAL PRIVACY & DESIGN Your journey is personal. Habitless features a minimalist, private interface with no ads. We prioritize your focus on recovery. Disclaimer: Habitless is a tracking tool and not a substitute for professional medical advice or addiction treatment. Always consult a healthcare provider for medical concerns.

The article discusses the potential of using artificial agents, such as chatbots and virtual assistants, to aid in the coding and software development process. It explores the various ways agents can be leveraged to enhance productivity, streamline workflows, and provide intelligent assistance to developers.

This paper proposes a novel deep learning architecture for text understanding, demonstrating state-of-the-art performance on various natural language processing tasks across multiple datasets.

Google is testing a reverse image search tool that allows users to search for websites and information based on an image, rather than a text query. This new feature raises privacy concerns as it could potentially be used to identify individuals in images without their consent.

The article explores how write locks can be implemented more efficiently by using a per-thread queue and a shared lock, reducing contention and improving performance compared to traditional lock-based approaches.

The article discusses the benefits of bootstrapping a business rather than raising venture capital (VC) early on. It highlights the advantages of maintaining control, avoiding dilution, and building a sustainable business model through bootstrap financing.

The article discusses the AWS Builder, a platform that enables developers to create and deploy cloud-based applications, with a focus on ease of use, scalability, and integration with AWS services.