New stories

The article describes a macOS command-line tool called 'macmon' that provides a simple way to monitor and manage network connections, with features like detecting duplicate MAC addresses, monitoring network traffic, and listing connected devices.

Built this over the weekend inspired by levelsio's viral flight sim last year. Uses Google's Photorealistic 3D Tiles for actual SF terrain - you're flying over real buildings.

Multiplayer via WebSockets. You can dogfight strangers over the Golden Gate.

Stack: Three.js and 3D Tiles Renderer.

Would love feedback on the flight physics - still tuning it.

The article explores the concept of 'land value capture' as a potential solution to revitalize struggling retail districts. It discusses how this approach, which involves leveraging the increased land values generated by public investments, could be used to fund infrastructure and support local businesses in these areas.

Hey HN

Luke here.

I built nono and got it out quick then I expected, in response to the openclaw carnage, but its use is beyond openclaw.

The problem: AI agents execute code on your machine. Prompt injections, hallucinations, or compromised tools can read ~/.ssh, exfiltrate credentials, or worse. Application-level sandboxes can be bypassed by the code they're sandboxing.

I have been around security for a long old time now (i started something called sigstore a few years back) and have seen this pattern so many times before.

The solution pitch: nono uses OS-level isolation that userspace can't escape:

Linux: Landlock LSM (kernel 5.13+) macOS: Seatbelt (sandbox_init) After sandbox + exec(), there's no syscall to expand permissions. The kernel says no.

What it does:

nono run --read ./src --allow ./output -- cargo build nono run --profile claude-code -- claude nono run --allow . --net-block -- npm install nono run --secrets api_key -- ./my-agent

Filesystem: read/write/allow per directory or file Network: block entirely (per-host filtering planned) Secrets: loads from macOS Keychain / Linux Secret Service, injects as env vars, zeroizes after exec

Technical details:

Written in Rust. ~2k LOC. Uses the landlock crate on Linux, raw FFI to sandbox_init() on macOS. Secrets via keyring crate. All paths canonicalized at grant time to prevent symlink escapes.

Landlock ABI v4+ gives us TCP port filtering. Older kernels fall back to full network allow/deny. macOS Seatbelt profiles are generated dynamically as Scheme-like DSL strings.

Limitations:

macOS: Currently allows all reads to make executables work. Tightening in next release. Linux: Landlock doesn't cover everything (no UDP filtering until recent kernels, no syscall filtering - that's seccomp territory) No Windows support (yet?)

Origin:

Built this for OpenClaw (AI agent platform handling Telegram/WhatsApp messages). Needed real isolation, not "please don't read this file" isolation. Generalized it because every agent runner has this problem.

GitHub: https://github.com/lukehinds/nono Docs: https://docs.nono.dev Site: https://noto.sh

Apache 2.0. Would love feedback on the security model, especially from folks who've worked with Landlock or Seatbelt. Having said that, the code needs a good tidy and I am not exactly proud of it, so go easy on me!

Kalynt is an open-source, low-code platform that enables developers to build robust web applications quickly. The platform provides a visual development environment, pre-built components, and automated deployment tools to streamline the application development process.

The article discusses the declining profitability of the smartphone industry, with Apple and Samsung facing increased competition and margin pressure. It explores the factors contributing to this trend, including the saturation of the high-end market and the rise of Chinese manufacturers.

The article describes how a researcher was able to bypass the copy protection of a 40-year-old hardware dongle, providing insights into the evolution of digital security and the ongoing battle between protection measures and those seeking to circumvent them.

Hey HN!

I built bullstudio, a modern dashboard for BullMQ that you can run like Prisma Studio:

npx bullstudio -r <redis_url> → it starts a local web UI (default http://localhost:4000) and opens your browser.

Why I built it In BullMQ-heavy projects, I kept losing time answering the same questions: Which queues are unhealthy? What’s failing right now? Where is this flow stuck? I’d bounce between logs, Redis inspection, and ad-hoc scripts. I wanted a “start it in seconds” UI that’s easy to point at any environment.

What it does today

Overview: queue health + throughput/failure trends

Jobs: browse + filter/search, inspect payload/attempts/stack traces, retry failed jobs

Flows: interactive parent/child visualization with live state updates

Repo: https://github.com/emirce/bullstudio

What I’d love feedback on

What are your “must-have” ops features for BullMQ (stalled detection, worker liveness, read-only mode, alerts, etc.)?

Payload safety: what defaults do you expect (truncation, masking keys like password/token, etc.)?

For teams with many queues/environments: what makes a dashboard feel production-ready?

Happy to answer any questions or add missing features if there’s demand.

The Chernobyl exclusion zone is a restricted area established around the site of the 1986 Chernobyl nuclear disaster in Ukraine. It remains highly radioactive, requiring ongoing monitoring and management to ensure public safety.

The issue discusses problems with the Jellyfin Tizen app, including crashes, playback issues, and missing functionality. Developers are working to address these problems and improve the app's stability and features.

The article discusses how a congestion toll implemented in Manhattan has led to improved traffic flow and reduced commute times in surrounding suburban areas, as drivers are incentivized to use alternative transportation or adjust their travel patterns.

The article discusses how to execute ChatGPT-generated scripts without leaving the ChatGPT interface, using a tool called Replit that allows users to run code directly within the ChatGPT conversation.

99helpers.com offers a collection of free online tools for various tasks, including file conversion, text manipulation, code formatting, and more. The website aims to provide a convenient and user-friendly platform for accessing a range of practical tools to enhance productivity and simplify common digital tasks.

The article discusses how the rapid advancements in artificial intelligence (AI) technology are likely to put pressure on Apple's profit margins, as the company faces increased competition from AI-powered services and devices offered by rivals like Google and Amazon.

The article reports that President Trump joked about suing Federal Reserve Chair Jerome Powell if he does not lower interest rates, highlighting the president's ongoing criticism of the Fed's monetary policy decisions.

After witnessing what is being said about the AI Botlers (like OpenClaw/Moltbot/Clawdbot), I believe UIs will start melting big time.

The point, click and type era is over.

Voice will take over as the primary interface.

UIs will be adaptive and enabled on demand.

There will be an AI agent layer on every single PC out there.

Since privacy will be an issue, "Shazam-like" filters will inhibit uncleared capture of voice.

Makes sense?

The article presents a simple trick to perform a dry run of shell commands without actually executing them, allowing users to preview the effects of their commands before running them for real. This technique involves using the `echo` command to print the commands instead of executing them directly.

The article examines the relationship between Palantir, a data analytics company, and Jeffrey Epstein, a convicted sex offender. It explores allegations that Palantir received financial backing from Epstein and investigates the company's connections to the Epstein scandal.

The article discusses a study that found microdosing psychedelics appears to be as effective as drinking coffee for treating depression, suggesting that the placebo effect may play a significant role in the perceived benefits of microdosing.

The article discusses the growing popularity of generative AI tools like ChatGPT, their potential impact on various industries, and the need for responsible development and regulation of these emerging technologies.

This article provides an overview of the Nostr (Notes and Other Stuff Transmitted by Relays) protocol, a decentralized, censorship-resistant social network. It highlights various resources, libraries, and applications related to Nostr, making it a comprehensive guide for developers and users interested in exploring this emerging technology.