News Nug
Frequent reauth doesn't make you more secure

Published: 2025-06-12 | Origin: Hacker News

The passage discusses frustrations with frequent re-login requirements and multi-factor authentication (MFA) challenges that disrupt workflow and lead to MFA fatigue, making users more vulnerable to phishing attacks. It highlights a shift in understanding security practices, noting that constantly changing passwords and frequent logins are not effective strategies. Instead, security should focus on how access is managed and the ability to quickly respond to policy changes. There are two main types of authentication: Identity Providers (IdPs), which verify user identity, and integrated authentication

Wrong ways to use the databases, when the pendulum swung too far

Published: 2025-06-12 | Origin: Hacker News

The author reflects on their time as a junior developer at a previous employer, sharing a cautionary tale from their experiences. They describe joining a team that had inherited a highly critical pipeline from an offshore group, which was essential to the company's financial performance. The development environment was challenging, with complex systems and a cumbersome build process that required extensive time and setup, including working within virtual machines. The infrastructure was fraught with issues, such as unreliable tests, frequent outages, and numerous undocumented features. A particular

Have a damaged painting? Restore it in just hours with an AI-generated "mask"

Published: 2025-06-12 | Origin: Hacker News

The MIT News office provides images for download under a Creative Commons license, allowing non-commercial use with appropriate credit given to "MIT." In the realm of art restoration, traditional methods involve meticulous repairs by conservators, which can take extensive time. Recent advances in digital restoration tools allow for the rapid creation of virtual representations of original works using computer vision and image recognition techniques. However, until now, there was no effective way to apply these digital restorations directly to the physical artwork. A new method

Faster coding isn't enough

Published: 2025-06-12 | Origin: /r/programming

The conversation around AI in software development has primarily centered on coding assistants and inline suggestions. However, as engineering organizations evolve their AI strategies, research from Dev Interrupted and LinearB reveals untapped opportunities and bottlenecks across the software development lifecycle (SDLC). A survey of over 400 engineering leaders and developers shows that while AI adoption in coding workflows is high, other critical phases of the SDLC remain underutilized. Experts, including Suzie Prince from Atlassian, Birgitta Böck

Solving LinkedIn Queens with SMT

Published: 2025-06-12 | Origin: /r/programming

The author discusses their upcoming talk at Systems Distributed, noting that they are behind schedule and their newsletter is brief. They reference an article claiming that SAT solvers are underutilized in the industry and connect this to previous discussions about the challenges of encoding SAT problems. A notable example is Ryan Berger's post on solving a variation of the N-Queens problem, termed "LinkedIn Queens," using SAT. The problem involves placing N queens on an NxN grid based on specific rules, which Ryan encoded as

Neovim and LSP Servers Working with Docker-based Development

Published: 2025-06-12 | Origin: /r/ruby

The author is updating their Docker-based Dev Environment Book to include instructions on setting up a Language Server Protocol (LSP) server worker within Docker, focusing on its integration with Neovim through the lsp-config plugin. Although the process is somewhat challenging, it is manageable. The author acknowledges limited familiarity with Neovim but hopes to assist fellow Vim users. The LSP, developed by Microsoft, enhances code editing in environments like VSCode by allowing semantic understanding of code, distinguishing it from traditional string

iPhone 11 emulation done in QEMU

Published: 2025-06-12 | Origin: Hacker News

The content emphasizes the importance of user feedback and indicates that technical documentation is available. It discusses QEMU, an open-source machine and userspace emulator that can emulate a complete machine without hardware virtualization support, achieving good performance through dynamic translation. QEMU can run operating systems designed for one architecture on a different architecture and provide userspace API virtualization. It integrates with hypervisors like Xen and KVM for enhanced performance and is utilized in various applications via the libvirt library. QEMU is licensed under the

Breaking My Security Assignments

Published: 2025-06-12 | Origin: Hacker News

The author discusses their experience with a security module assignment involving a barebones virtual machine (VM). The VM requires updates to be installed to complete assignments and obtain tokens for submission, but the update files are encrypted and appear as unreadable data. The author suspects that the update files contain the needed tokens and decides to investigate the decryption process. They examine the `installUpdate` executable in the VM, discovering that the updates are GPG encrypted tarballs. The executable references a file containing a pass

The international standard for identifying postal items

Published: 2025-06-12 | Origin: Hacker News

The Universal Postal Union (UPU), a UN agency, has established the S10 standard for tracking postal items, which defines a 13-character format used globally for parcel tracking numbers. A recent experience receiving a parcel from Switzerland highlighted that the format of the tracking number (UT038926726CH) aligns closely with the UK's tracking system. This prompted curiosity about the compatibility between different postal services. The S10 standard assigns each country's postal service exclusive rights to generate S10 codes, incorporating details about the

Show HN: Tritium – The Legal IDE in Rust

Published: 2025-06-12 | Origin: Hacker News

The content suggests that users can load an example contract by navigating to the "File" menu and selecting "Open Example."

A receipt printer cured my procrastination

Published: 2025-06-12 | Origin: Hacker News

The author, who started a business at 21 and is now 39, focused on creating custom apps and consulting for accounting software. They struggled with procrastination, often needing stress from clients or financial pressure to motivate themselves. This led to burnout and eventually bankruptcy. They realized they could concentrate intensely on video games, prompting them to explore how to apply that focus to challenging tasks. The author attributes some of their struggles to ADHD, acknowledging its broad impact on people's lives. Using first-person shooters (

How JavaScript Was Written Back In the Day

Published: 2025-06-12 | Origin: /r/programming

Trevor I. Lasn, a Staff Software Engineer and Engineering Manager, reflects on his exploration of code from 2006-2015. Instead of finding outdated practices, he is impressed by the innovative solutions early web frameworks provided. During this period, web development had to tackle browser inconsistencies, particularly with Internet Explorer 6 dominating the market. The launch of jQuery 1.0 in August 2006 greatly simplified DOM manipulation by creating a consistent API that abstracted browser differences. Designed

Build a minimal decorator with Ruby in 30 minutes - Remi Mercier

Published: 2025-06-12 | Origin: /r/ruby

The author describes their process of creating a minimal decorator from scratch to add view-related methods to a Teacher object, due to incompatibility with the draper gem in their older Rails application. They aim to implement a `colour_coded_availability` method that generates CSS classes for a table of teachers based on their availability. To accomplish this, the author creates a decorator that accepts a Teacher instance and exposes the `colour_coded_availability` method. However, they encounter a `NoMethodError`

The Illusion of Thinking

Published: 2025-06-12 | Origin: /r/programming

The authors of the study, led by Parshin Shojaee and Iman Mirzadeh, explore the capabilities and limitations of Large Reasoning Models (LRMs) that generate detailed reasoning processes before answering questions. While LRMs show improved performance on reasoning tasks, their scaling properties and fundamental abilities are not fully understood. Current evaluations focus on final answer accuracy, often overlooking the structure and quality of the reasoning traces. The researchers used controllable puzzle environments to assess both final answers and internal reasoning processes

Celebrating GitHub's 1 billionth repo

Published: 2025-06-12 | Origin: /r/programming

Failed to fetch content - HTTP Status - 404

Command line TOTP on OSX w/o 1password | zenspider.com

Published: 2025-06-12 | Origin: /r/ruby

The author discusses their transition from using 1Password to generate one-time passwords (OTP) for publishing to RubyGems, primarily due to dissatisfaction with subscription models and the want to eliminate Electron apps. They outline a method for generating OTPs using touch ID or the system password on macOS, noting that other systems, such as YubiKey, may provide alternatives for non-macOS users. The setup process involves generating a password for the `totp-cli` in Apple's Password.app,

Astonishing discovery by computer scientist: how to squeeze space into time

Published: 2025-06-12 | Origin: /r/programming

Of course! Please provide the content you'd like summarized, and I'll be happy to help.

Show HN: Eyesite - experimental website combining computer vision and web design

Published: 2025-06-12 | Origin: Hacker News

The author, unable to afford the $3,500 Apple Vision Pro, created a similar eye-tracking project called Eyesite. Using the WebGazer.js library, they implemented eye tracking with calibration for improved accuracy. The idea was to allow users to interact with a website using their gaze instead of a mouse, and clicking would be done with the spacebar, mimicking the Apple Vision Pro's functionality. Initially, a visible red dot indicated where users were looking, but this distracted users and revealed

Microsoft Office migration from Source Depot to Git

Published: 2025-06-12 | Origin: Hacker News

The author reflects on their journey, transitioning from focusing on product development to enhancing developer productivity. They emphasize the importance of saving small amounts of time for developers, which can lead to significant overall efficiency gains. A pivotal project in their career was the Office migration from Source Depot to Git, which highlights the evolution of version control systems. In the early 2000s, Microsoft's source control landscape was challenging, as Git was not yet available, and other options like SVN were still emerging. Microsoft created its own

Richard Stallman - How I do my computing

Published: 2025-06-11 | Origin: /r/programming

The content discusses the author's experience with various computers that align with their commitment to free software. As of 2022, the author uses a Thinkpad x200 running Libreboot and Trisquel GNU/Linux, which were reconditioned by small businesses to respect user freedom, although not originally sold that way. Prior to this, the author used a Lemote Yeeloong, the only laptop at the time capable of running free software, and an OLPC, which was later abandoned due to its