Top Hacker News Stories for November 21, 2025

2025-11-21 Hacker News Top Stories

1. Google DeepMind officially launches the Nano Banana Pro image generation and editing model

https://blog.google/technology/ai/nano-banana-pro/

The Nano Banana Pro is an image generation and editing model built on Gemini 3 Pro, enhancing reasoning capabilities and real-world knowledge. It supports the generation of accurate and clear multilingual text within images, suitable for posters, mockups, educational infographics, recipe steps, and artistic creations that incorporate real-time data. The model supports up to 4K output, provides consistent brand style control, and advanced creative features, generating content with SynthID watermarks to ensure transparency and traceability. It can be used through platforms such as Gemini apps, Google Ads, and Google AI Studio.

Top Hacker News Stories for November 21, 2025

HN Hotness 753 points | Comments 469 comments | Author: meetpateltech | 9 hours ago

  • • The payment and authentication process for Google AI Studio is overly complicated, with users encountering permission denial issues when applying for API keys, leading to a poor experience.
  • • Despite the excellent performance of the new model launched by Google, the product experience is far inferior to competitors, particularly in UI interface and basic functionality stability.
  • • Users expressed dissatisfaction with Google’s rapid product releases without adequate internal preparation, believing that product issues should be resolved before large-scale promotion.
  • • Some users pointed out the severe fragmentation in Google’s service ecosystem, such as the confusing naming of Cloud, Vertex AI, etc., making it difficult for developers to understand usage paths.
  • • Users mentioned that even those unfamiliar with technical details find it challenging to smoothly access services due to the complex processes, reflecting a lack of friendliness towards non-technical users.

2. Meta launches Segment Anything Model 3 (SAM 3)

https://ai.meta.com/sam3/

Meta has launched Segment Anything Model 3 (SAM 3), which supports precise segmentation and tracking of images and videos through natural language or visual prompts (clicking, selecting, masking, etc.). It inherits and enhances the capabilities of SAM 2, based on large-scale diverse multimodal data and a unified promptable architecture. It has been implemented in Instagram Edits and Meta AI Vibes, aiming to improve the media workflow efficiency for creators and developers.

Top Hacker News Stories for November 21, 2025

HN Hotness 643 points | Comments 132 comments | Author: lukeinator42 | 1 day ago

  • • Meta’s continued open-source model is commendable; despite the controversies surrounding the company, its actions benefit the entire industry.
  • • After the 2023 Llama weight leak incident, Meta shifted to a more proactive defense, indicating that its open-source approach is not purely altruistic but a strategic adjustment.
  • • The Llama weight leak did not originate from within Meta but was caused by early researchers sharing it; Meta originally planned to open the weights.
  • • Some believe Meta’s open-source behavior is a commercial strategy, such as “commoditize your complement” to respond to competition from OpenAI and Anthropic.
  • • Although Meta has a poor reputation in social media, its contributions to the open-source field cannot be overlooked, making it one of the most successful open-source companies among top tech firms.

3. The U.S. Patent and Trademark Office plans to introduce new rules making bad patents untouchable

https://www.eff.org/deeplinks/2025/11/patent-office-about-make-bad-patents-untouchable

The U.S. Patent and Trademark Office plans to introduce new rules that significantly limit the avenues for challenging granted patents through inter partes review (IPR): applying for IPR requires waiving court defenses, and once a patent survives any challenge, it becomes permanently unreviewable. If court proceedings are faster, IPR will be prohibited. This move will make it harder to correct patent abuses and increase litigation threats to small and medium-sized enterprises and developers. The article calls on the public to submit objections immediately, emphasizing the importance of maintaining IPR for innovation and fair competition.

Top Hacker News Stories for November 21, 2025

HN Hotness 560 points | Comments 84 comments | Author: iamnotthere | 1 day ago

  • • Groklaw was once an important source of information at the intersection of technology and law, and its closure is related to the increased internet surveillance after the Snowden incident, as it could not guarantee collaborative privacy.
  • • The Groklaw website is now used to promote cryptocurrency gambling, reflecting the phenomenon of many closed websites being maliciously acquired and turned into advertising tools.
  • • Some black and gray market marketers acquire abandoned websites, replace content, and insert links for gambling, credit cards, etc., achieving long-term profits.
  • • The decline of websites is related to the early internet’s lack of encrypted communication (such as HTTPS), leading to a large amount of data being easily intercepted.
  • • Although HTTPS began to gain popularity in 2011-2012, the government could still obtain data by deploying monitoring devices within data centers.

4. Gaming on Linux has never been more approachable

https://www.theverge.com/tech/823337/switching-linux-gaming-desktop-cachyos

Author Nathan Edwards, dissatisfied with the increasing mandatory features of Windows 11 and the erosion of user control, decided to try installing the gaming-optimized Arch-based distribution CachyOS on his newly assembled high-performance gaming PC. The article reviews his sporadic encounters with Linux in the past and points out that Valve’s Steam Deck, Proton, and related distributions have significantly improved the gaming usability of Linux, suggesting that now is the right time to try desktop Linux, even predicting that 2026 may see further developments on the desktop front.

Top Hacker News Stories for November 21, 2025

HN Hotness 512 points | Comments 385 comments | Author: throwaway270925 | 1 day ago

  • • Running games on Linux using Steam has become very smooth, especially with Valve’s Proton technology, allowing many games to run without additional configuration.
  • • Although there are compatibility issues with native Linux game versions, forcing Steam to run the Windows version can effectively resolve most problems.
  • • Some argue that the Win32 API has become the most stable interface in the Linux environment because Wine can reliably encapsulate Windows applications.
  • • There are concerns that Microsoft may make destructive updates to Win32 in the future, forcing the Proton team to keep up, but others believe this risk is relatively low in practice.
  • • Due to the lack of a unified binary compatibility standard in the Linux software ecosystem, running old version applications on new systems is difficult, contrasting with macOS’s version compatibility mechanism.

5. AI is a front for consolidation of resources and power

https://www.chrbutler.com/what-ai-is-really-for

The author, based on three years of observation, believes that AI is severely exaggerated: it is difficult to reproduce styles, handle hierarchies, and layouts in real design workflows, requiring significant manual reconstruction; it is useful for small tasks (retrieval, summarization, analysis), but large-scale automation often incurs more investment than output. The scale of the AI bubble is enormous, fostering capital and power concentration, and may erode information trust. The author questions the motives behind promoting AI, suggesting that some stakeholders profit from the bubble, leading to systemic risks.

HN Hotness 504 points | Comments 397 comments | Author: delaugust | 1 day ago

  • • General technologies often lag behind existing practices initially but can progress rapidly and gradually surpass existing methods in various fields, with the key being to identify and seize critical points of technological breakthroughs.
  • • The key to technological success is not to find currently ineffective application scenarios but to continuously seek incremental problems that become solvable with technological advancements.
  • • Tesla achieved a lead over traditional automakers by being the first to adopt lithium battery technology in the high-end market, even though mainstream automakers believed the technology was unsuitable for the mass market.
  • • Not all general technologies succeed; many stagnate in their early stages and are ultimately forgotten by history, so the prevalence of failure cases cannot be overlooked.
  • • General technologies typically first achieve “good enough” applications in specific fields, gradually replacing specialized equipment or personnel, and only when they reach “good enough” in multiple fields do they begin to be widely adopted.

6. OpenAI launches the new cutting-edge programming model GPT-5.1-Codex-Max, designed for complex, long-term development tasks

https://openai.com/index/gpt-5-1-codex-max/

GPT-5.1-Codex-Max is a programming model aimed at complex, long-cycle development tasks, based on an improved reasoning foundation model and trained through software engineering, mathematics, and research-type agent tasks, enhancing code generation and collaboration capabilities. It outperforms previous models in multiple programming benchmarks (such as SWE-Lancer, Terminal-Bench 2.0), with more efficient reasoning, achieving higher accuracy with “medium” reasoning intensity in certain tasks and reducing thinking tokens by about 30%. It supports “compression” technology and can handle millions of tokens across context windows, capable of running continuously for over 24 hours; it runs by default in a secure sandbox, limiting write and network access, and generates terminal logs for manual review and verification. It has been launched in CLI, IDE plugins, and cloud scenarios, with the API set to open soon.

Top Hacker News Stories for November 21, 2025

HN Hotness 467 points | Comments 297 comments | Author: hansonw | 1 day ago

  • • Codex strictly follows instructions and may overcomplicate solutions due to minor wording, described as a “literal genie,” suitable for long-term complex tasks requiring high accuracy.
  • • Claude tends to ignore instructions, making its own judgments and correcting obvious errors, suitable for rapid iteration development scenarios, such as style adjustments.
  • • In large project refactoring, Codex can complete complex system rewrites based on brief instructions, such as switching a flight simulator from floating-point origins to real Earth coordinates, with results that are generally correct.
  • • Codex excels in implementing code refactoring functions (such as “extract function”), quickly generating runnable prototypes, significantly shortening the development time from zero to usable.
  • • Codex sometimes makes overly general architectural decisions, such as attempting to build a universal engine like Unity instead of focusing on specific types of games, requiring clear limitations to avoid.

7. The Death of Arduino?

https://www.linkedin.com/posts/adafruit_opensource-privacy-techpolicy-activity-7396903362237054976-r14H

Arduino has quietly modified its terms of service and privacy policy after being acquired by Qualcomm, adding permanent licensing, AI functionality behavior tracking, prohibiting the identification of potential patent infringements, retaining usernames after cancellation, and prohibiting reverse engineering, severely deviating from the open-source spirit. This has raised concerns in the education, maker, and research communities and may prompt a shift towards alternative platforms like Adafruit, PlatformIO, and VSC.

HN Hotness 427 points | Comments 229 comments | Author: ChuckMcM | 1 day ago

  • • Arduino’s terms only apply to its cloud services and other online platforms, not affecting open-source hardware projects themselves.
  • • The terms are a result of the legal team applying standard SaaS service terms to platform services, which is a common practice.
  • • The definition of “platform” is clearly limited to websites, online services, forums, etc., and does not include local development tools or hardware.
  • • The reverse engineering restriction may lead to a public relations crisis and could be removed in the future.
  • • Adafruit’s publication of such articles as a seller presents a conflict of interest.

8. Loose wire leads to blackout, contact with Francis Scott Key bridge

https://www.ntsb.gov/news/press-releases/Pages/NR20251118.aspx

On March 26, 2024, the container ship “Dali” experienced a blackout due to a loose wire that was not fully inserted into the terminal block, causing circuit breakers to trip. The two blackouts resulted in a loss of propulsion and steering control, leading to a collision with the Baltimore Francis Scott Key Bridge, which collapsed and resulted in the deaths of six road maintenance workers. The NTSB pointed out electrical installation defects and insufficient bridge protection, issuing 68 safety recommendations to multiple agencies, with a complete report to be released in a few weeks.

Top Hacker News Stories for November 21, 2025

HN Hotness 416 points | Comments 210 comments | Author: DamnInteresting | 1 day ago

  • • The direct cause of the accident was the loose wire, but the deeper issues involved multiple system defects, such as manual transformer switching, lack of training, non-redundant design of fuel pumps, and no emergency cooling for the main engine, reflecting the “Swiss cheese model” of multiple failures.
  • • The operating environment for shipping is harsh, with low crew wages and heavy responsibilities, leading to a serious disconnect between actual working conditions and safety requirements, with the aftermath of the accident being handled in a “soft detention” manner, reflecting systemic exploitation.
  • • The shipping industry is highly competitive, with strict cost control, leading to insufficient maintenance and safety investments, leaving many vessels in a “waiting for an accident” state, just not yet exposed.
  • • The NTSB report recommends comprehensive inspections of vessels using infrared cameras, but practical implementation is challenging, as many systems are in low-load states while in port, making it difficult to identify operational hazards.
  • • Vessel maintenance is often performed by vendor technicians while underway, lacking systematic testing, and the short docking time does not allow for thorough safety verification.

9. Red Alert 2 in web browser: Chrono Divide – a fan remake project based on web technology

https://chronodivide.com/

Chrono Divide is a fan-developed web-based remake of Red Alert 2, running entirely in the browser, cross-platform, and requiring no installation. It supports all original maps, complete multiplayer battles, battle replays, and a large number of original mods. The project uses a client-server architecture to simplify online play, has low hardware requirements, and is recommended to use modern browsers and newer processors. This project is non-profit and under continuous development, with donations welcomed for support.

Top Hacker News Stories for November 21, 2025

HN Hotness 376 points | Comments 126 comments | Author: nsoonhui | 11 hours ago

  • • The source code for Red Alert 2 is rumored to have been lost long ago, making it astonishing that the Chrono Divide team could implement the game in the browser.
  • • The Mental Omega mod project is still active, keeping Red Alert 2 playable to this day, and hopes it will run smoothly in the browser version.
  • • EA has released the source code for most Command & Conquer series games, but Red Alert 2 was not included, possibly due to the loss of its source code.
  • • The source code for Tiberian Sun and Firestorm is also rumored to be lost, making it difficult to replicate real-time strategy games from 1999.
  • • The Mental Omega mod is rumored to have the complete source code and toolchain, allowing for expansions far beyond the original engine’s capabilities.

10. ‘Calvin and Hobbes’ at 40

https://www.npr.org/2025/11/18/nx-s1-5564064/calvin-and-hobbes-bill-watterson-40-years-comic-strip-lee-salem

First published in 1985, the comic strip “Calvin and Hobbes” created by Bill Watterson depicts the adventures and philosophies of a 6-year-old boy named Calvin and his imaginary tiger friend Hobbes. The work was popular in the U.S. from 1985 to 1995, known for its unique humor, profound thoughts, and exquisite art style; Watterson voluntarily ended the series in 1995, and the work and its editor Lee Salem’s memories continue to influence readers and spark some controversy.

Top Hacker News Stories for November 21, 2025

HN Hotness 328 points | Comments 127 comments | Author: mooreds | 12 hours ago

  • • “Calvin and Hobbes” is an important part of many readers’ childhoods, with wisdom far exceeding the mainstream culture and educational content of the time, but the protagonist Calvin’s rebellious and alienated character is not an ideal life model.
  • • More than thirty years later, readers realize they can face contradictions and hypocrisy in life in a more pragmatic and inclusive way, rather than blindly adhering to Calvin’s critical and arrogant attitude.
  • • Some believe Calvin is not a role model but an accurate depiction of childhood loneliness and intelligence that does not fit in, while Hobbes symbolizes reason and maturity.
  • • As a deeply humanistic work, the value of “Calvin and Hobbes” lies in providing a spiritual “safe haven” rather than a life guide.
  • • Some argue that the ironic, anti-heroic character represented by Calvin was prevalent in 90s pop culture, negatively influencing growing children by promoting rebellion over responsibility and empathy.

For the complete summary, please click “Read the original” 👇👇👇

Hacker News Highlights and Translations

Loose wire leads to blackout, contact with Francis…

https://news.ycombinator.com/item?id=45985858

I strongly recommend watching/reading the entire report, or the summary by Sal Mercogliano of What’s Going On In Shipping 0.

Yes, the loose wire was the immediate cause, but there was far more going wrong here. For example:

  • • The transformer switchover was set to manual rather than automatic, so it didn’t automatically fail over to the backup transformer.
  • • The crew did not routinely train transformer switchover procedures.
  • • The two generators were both using a single non-redundant fuel pump (which was never intended to supply fuel to the generators!), which did not automatically restart after power was restored.
  • • The main engine automatically shut down when the primary coolant pump lost power, rather than using an emergency water supply or letting it overheat.
  • • The backup generator did not come online in time.

It’s a classic Swiss Cheese model. A lot of things had to go wrong for this accident to happen. Focusing on that one wire isn’t going to solve all the other issues. Wires, just like all other parts, will occasionally fail. One wire failure should never have caused an incident of this magnitude. Sure, there should probably be slightly better procedures for checking the wiring, but next time it’ll be a failed sensor, actuator, or controller board.

If we don’t focus on providing and ensuring a defense-in-depth, we will sooner or later see another incident like this.

crote

I strongly recommend watching/reading the entire report, or the summary by Sal Mercogliano of What’s Going On In Shipping 0.

Yes, the loose wire was the immediate cause, but there was far more going wrong here. For example:

  • • The transformer switchover was set to manual rather than automatic, so it didn’t automatically fail over to the backup transformer.
  • • The crew did not routinely train transformer switchover procedures.
  • • The two generators were both using a single non-redundant fuel pump (which was never intended to supply fuel to the generators!), which did not automatically restart after power was restored.
  • • The main engine automatically shut down when the primary coolant pump lost power, rather than using an emergency water supply or letting it overheat.
  • • The backup generator did not come online in time.

It’s a classic Swiss Cheese model. A lot of things had to go wrong for this accident to happen. Focusing on that one wire isn’t going to solve all the other issues. Wires, just like all other parts, will occasionally fail. One wire failure should never have caused an incident of this magnitude. Sure, there should probably be slightly better procedures for checking the wiring, but next time it’ll be a failed sensor, actuator, or controller board.

If we don’t focus on providing and ensuring a defense-in-depth, we will sooner or later see another incident like this.

Europe is scaling back GDPR and relaxing AI laws

https://news.ycombinator.com/item?id=45984395

I get that too many regulations is a bad thing. But when we talk privacy and personal data there should be no gray zone. It has to be black and white. When I see a stupid cookie banner I search for “Reject all”. There’s no some data that companies can collect and process without my consent, they just shouldn’t be able to collect anything without me actively opting in. Business never respects anything, but profits. Seeing news about relaxing these laws with the “AI” going after this leaves a bitter taste. And with them also trying to push the Chat Control thing, it gets even worse.

rckt

I understand that too many regulations are bad. But when we talk about privacy and personal data, there should be no gray area. It must be black and white. When I see that stupid cookie banner, I search for “Reject all”. There should be no data that companies can collect and process without my consent; they should not be able to collect anything without my active opt-in. Businesses only respect profits, not anything else. Seeing news about relaxing these laws under the guise of “AI” is disheartening. And with them also trying to push the Chat Control thing, it gets even worse.

Europe is scaling back GDPR and relaxing AI laws

https://news.ycombinator.com/item?id=45981361

There has been a change in the community here over the last decade, we’ve lost a lot of the hacker spirit and have a larger proportion of “chancers”, people who are only in tech to “get rich quick”. The legacy of ZIRP combined with The Social Network marketing.

radicalbyte

Over the past decade, the atmosphere in our community has changed; much of the “hacker spirit” has faded, replaced by more speculators looking to “get rich quick”. This is the legacy of zero interest rate policies (ZIRP) combined with the marketing of The Social Network.

Microsoft AI CEO pushes back against critics after…

https://news.ycombinator.com/item?id=45985168

The fact that people are unimpressed that we can have a fluent conversation with a super smart AI that can generate any image/video is mindblowing to me.

It’s not that people are unimpressed with AI – they’re just tired of constantly being bombarded with it, and it sneaking its way into where it’s not wanted. “Generate any image you want!” “Analyse this thing with AI!” gets pretty tiring.

If I want AI I’ll actively seek it out and use it – otherwise, jog on.

hifix

People can have fluent conversations with a super-intelligent AI that can generate any image/video, and yet they are unimpressed, which is mind-blowing to me.

It’s not that people are unimpressed with AI; they are just tired of being bombarded with it constantly and having it sneak into places where it is not wanted. “Generate any image you want!” “Use this AI to analyze this!” gets pretty tiring.

If I want AI, I will actively seek it out and use it; otherwise, just go away.

Nano Banana Pro

https://news.ycombinator.com/item?id=45995765

Google has been stomping around like Godzilla this week, and this is the first time I decided to link my card to their AI studio.

I had seen people saying that they gave up and went to another platform because it was “impossible to pay”. I thought this was strange, but after trying to get a working API key for the past half hour, I see what they mean.

Everything is set up, I see a message that says “You’re using Paid API key [NanoBanano] as part of [NanoBanano]. All requests sent in this session will be charged.” Go to prompt, and I get a “permission denied” error.

There is no point in having impressive models if you make it a chore for me to -give you my money-

ceroxylon

Google has been stomping around like Godzilla this week, and this is the first time I decided to link my credit card to their AI studio.

I saw people saying they gave up and went to another platform because “payment is impossible”. I thought this was strange, but after trying to get a working API key for the past half hour, I understand what they mean.

Everything is set up, and I see a message that says, “You are using the paid API key [NanoBanano] as part of [NanoBanano]. All requests sent in this session will be charged.” But when I go to prompt, I get a “permission denied” error.

If your model is impressive, but you make it so difficult for me to spend money, what’s the point?

Europe is scaling back GDPR and relaxing AI laws

https://news.ycombinator.com/item?id=45984688

I’ve stopped thinking of regulations as a single dial, where more regulations is bad or less regulations is bad. It entirely depends on what is being regulated and how. Some areas need more regulations, some areas need less. Some areas need altered regulation. Some areas have just the right regulations. Most regulations can be improved, some more than others.

energy123

I no longer view regulation as a simple dial where more is bad and less is good. It entirely depends on what is being regulated and how. Some areas require more regulation, some require less. Some areas need adjustments to existing regulations, while others have regulations that are just right. Most regulations have room for improvement, though the degree varies.

CBP is monitoring US drivers and detaining those w…

https://news.ycombinator.com/item?id=45997140

It’s been fascinating watching the party of “small government” turn into one that supports ever expanding powers of a three letter agency whose job is supposed to be patrolling the border. It’s like a new 9/11 Patriot act moment, except it’s only one side supporting it this time.

hypeatei

It is fascinating to see the “small government” party transform into one that supports the ever-expanding powers of a three-letter agency whose job is supposed to patrol the border. It’s reminiscent of a new 9/11 Patriot Act moment, but this time only one side is supporting it.

Thunderbird adds native Microsoft Exchange email s…

https://news.ycombinator.com/item?id=45982201

While it’s been a long time since I’ve used Thunderbird, I just wanted to take the time to publicly say thank you.

Many HNers probably won’t (or can’t) remember the world of desktop mail clients, but basically during the height of MSFT dominance there was only one real mail client: Outlook. Which Microsoft was starting to monetize heavily, ignore UX, and keep it Windows only (can’t blame them for that).

Then Thunderbird arrived on the scene, an OSS mail client that beat the pants off of Outlook in features, spam detection, IMAP support, and a bunch of other things.

And it was free.

And you could use it on any machine.

This was a huge moment for OSS.

We owe a lot of credit to Mozilla and Thunderbird for rescuing us from a closed source world.

bnchrch

Although I haven’t used Thunderbird in a long time, I want to take this opportunity to publicly express my gratitude.

Many Hacker News users may not (or cannot) remember the era of desktop email clients, but during Microsoft’s peak dominance, there was essentially only one real email client: Outlook. Microsoft was heavily monetizing it, neglecting user experience, and keeping it Windows-only (which is understandable).

Then Thunderbird came along, an open-source email client that outperformed Outlook in features, spam detection, IMAP support, and many other aspects.

And it was free.

And you could use it on any machine.

This was a significant moment for open-source software.

We owe a great deal to Mozilla and Thunderbird for rescuing us from a closed-source world.

Gaming on Linux has never been more approachable

https://news.ycombinator.com/item?id=45986917

I recently had my Framework Desktop delivered. I didn’t plan on using it for gaming, but I figured I should at least try. My experience thus far:

  • • I installed Fedora 43 and it (totally unsurprisingly) worked great.
  • • I installed Steam from Fedora’s software app, and that worked great as well.
  • • I installed Cyberpunk 2077 from Steam, and it just… worked.Big thanks to Valve for making this as smooth as it was. I was able to go from no operating system to Cyberpunk running with zero terminals open or configs tweaked.

I later got a hankering to play Deus Ex: Mankind Divided. This time, the game would not work and Steam wasn’t really forthcoming with showing logs. I figured out how to see the logs, and then did what you do these days – I showed the logs to an AI. The problem, slightly ironically, with MD is that it has a Linux build and Steam was trying to run that thing by default. The Linux build (totally unsurprisingly) had all kinds of version issues with libraries. The resolution there was just to tell Steam to run the Windows build instead and that worked great.

vinkelhake

I recently received my Framework desktop. I didn’t plan to use it for gaming, but I thought I should at least give it a try. So far, my experience has been:

  • • I installed Fedora 43, and it (not surprisingly) worked great.
  • • I installed Steam from Fedora’s software app, and that worked great too.
  • • I installed Cyberpunk 2077 from Steam, and it just… worked.Thanks to Valve for making this process so smooth. I was able to go from having no operating system to running Cyberpunk without opening any terminals or tweaking any configurations.

Later, I wanted to play Deus Ex: Mankind Divided. This time, the game wouldn’t work, and Steam wasn’t very helpful in showing logs. I figured out how to view the logs and did what you do these days – I showed the logs to an AI. The problem, somewhat ironically, with MD is that it has a Linux version, and Steam was trying to run that by default. The Linux version (not surprisingly) had all sorts of version issues with libraries. The solution was simply to tell Steam to run the Windows version instead, and that worked perfectly.

CBP is monitoring US drivers and detaining those w…

https://news.ycombinator.com/item?id=45997278

License plate scanners are one of the most under-appreciated violations of personal privacy that exist today.

It’s not just government use either. There are private companies that scan vast numbers of license plates (sometimes by driving around parking lots with a camera), build a database of what plate was seen where at what time, then sell access to both law enforcement and I believe private investigators.

Want to know if your spouse is having an affair? Those databases may well have the answer.

Here is a Wired story from 2014 about Vigilant Solutions, founded in 2009: https://www.wired.com/2014/05/license-plate-tracking/

I believe Vigilant only provides access to law enforcement, but Digital Recognition Network sells access to others as well: https://drndata.com/about/

Good Vice story about that: https://www.vice.com/en/article/i-tracked-someone-with-license-plate-readers-drn/

simonw

License plate scanners are one of the most underappreciated violations of personal privacy that exist today.

It’s not just the government using them. Some private companies also scan vast numbers of license plates (sometimes by driving around parking lots with a camera), building a database of when and where each plate was seen, and then selling access to that database to law enforcement and, I believe, private investigators.

Want to know if your spouse is having an affair? Those databases might just have the answer.

Here is a Wired article from 2014 about Vigilant Solutions, founded in 2009: https://www.wired.com/2014/05/license-plate-tracking/

I believe Vigilant only provides access to law enforcement, but Digital Recognition Network also sells access to others: https://drndata.com/about/

Here’s a good Vice article about that: https://www.vice.com/en/article/i-tracked-someone-with-license-plate-readers-drn/

What Killed Perl?

https://news.ycombinator.com/item?id=45982756

The backwards incompatibility of Perl 6 absolutely killed Perl.

There are many languages still in use today that have all kinds of warts and ugliness, but they remain in use because they still have momentum and lots of legacy things built in them. So being ugly or old isn’t enough of a factor for people to abandon something in droves.

Once you need to rewrite everything, there’s no reason to stay with something you know since you need to fully retool anyway.

As a Perl programmer since v5 was released, the confusion around 6 completely destroyed almost everyone’s enthusiasm, and immediately caused all new projects to avoid Perl. It seemed like 5 had reached the end of the line, and 6 was nowhere to be found. Nobody wants to gamble so many hours of their lives, and the future of their business, on such an uncertain environment.

If Perl 6 had any visible movement within the first few years, it might have survived, but it was a good decade before they even admitted Perl 6 might take longer than expected, and then more time after that before they admitted it should have been a new language. 6 was interesting for language geeks, and they probably did some cool things, but you can’t run a large popular project like it’s a small research project. That completely destroyed all momentum in the community. Perl 5 development only resumed far too late, after the writing was already on the wall.

Both Bill Gates and Linus understand backwards compatibility as a sacrosanct principle. Python only just barely survived the jump from 2 to 3. JavaScript can only survive this because there’s no other option in a browser.

orev

The backwards incompatibility of Perl 6 absolutely killed Perl.

There are many languages still in use today that have all kinds of warts and ugliness, but they remain in use because they still have momentum and lots of legacy things built in them. So being ugly or old isn’t enough of a factor for people to abandon something in droves.

Once you need to rewrite everything, there’s no reason to stay with something you know since you need to fully retool anyway.

As a Perl programmer since v5 was released, the confusion around 6 completely destroyed almost everyone’s enthusiasm, and immediately caused all new projects to avoid Perl. It seemed like 5 had reached the end of the line, and 6 was nowhere to be found. Nobody wants to gamble so many hours of their lives, and the future of their business, on such an uncertain environment.

If Perl 6 had any visible movement within the first few years, it might have survived, but it was a good decade before they even admitted Perl 6 might take longer than expected, and then more time after that before they admitted it should have been a new language. 6 was interesting for language geeks, and they probably did some cool things, but you can’t run a large popular project like it’s a small research project. That completely destroyed all momentum in the community. Perl 5 development only resumed far too late, after the writing was already on the wall.

Both Bill Gates and Linus understand backwards compatibility as a sacrosanct principle. Python only just barely survived the jump from 2 to 3. JavaScript can only survive this because there’s no other option in a browser.

Building more with GPT-5.1-Codex-Max

https://news.ycombinator.com/item?id=45983286

I would love to see all the big players put 1% of the effort they put into model training into making the basic process of paying and signing in suck less.

Claude: they barely have a signin system at all. Multiple account support doesn’t exist. The minimum seat count for business is nonsense. The data retention policies are weak.

OpenAI: Make ZDR a thing you can use or buy without talking to sales, already. And for those using containers or a remote system or really anything other than local development with the codex CLI, you really really need to fix this bug. I bet Codex could do at least the client part for you!

https://github.com/openai/codex/issues/2798

(Hint: Claude Code gets this right by default, despite the fact that everything else about Claude sign-in is a joke.)

Google: get all your B2B AI product managers in one room and tell them that they need to make one single product menu on one single webpage with all the pricing on that page and that the Google Cloud people are not permitted to make anything that isn’t actually logically Google Cloud depend on Google Cloud Billing. Your product cannot compete with OpenAI or Anthropic if people need to ask an LLM to figure out what your product is and if your own fancy LLMs can’t give a straight answer. My company pays for a non-Google product primarily because it’s too complicated to pay for the Google product! Right now, trying to use Google’s AI is like trying to ride Bay Area public transit before the Clipper Card.

amluto

I really wish all the big players would put 1% of the effort they put into model training into improving the user experience of basic processes like payment and sign-in.

Claude: they barely have a sign-in system at all. There’s no support for multiple accounts. The minimum seat count for business is ridiculous. The data retention policies are weak.

OpenAI: Please make ZDR a product that can be used or purchased without having to talk to sales. And for those using containers, remote systems, or anything other than local development with the Codex CLI, you really need to fix this bug. I bet Codex could handle at least the client part for you!

https://github.com/openai/codex/issues/2798

(Hint: Claude Code gets this right by default, even though everything else about Claude’s sign-in is a joke.)

Google: Get all your B2B AI product managers in one room and tell them they need to create a single product menu on one webpage with all the pricing on that page, and that the Google Cloud team is not allowed to make anything that doesn’t logically depend on Google Cloud Billing. Your product cannot compete with OpenAI or Anthropic if people need to ask an LLM to figure out what your product is, and if your own fancy LLMs can’t give a straight answer. My company pays for a non-Google product primarily because it’s too complicated to pay for the Google product! Right now, trying to use Google’s AI is like trying to ride Bay Area public transit before the Clipper Card.

Show HN: I made a down detector for down detector

https://news.ycombinator.com/item?id=45976849

As a European solo developer, I’ve switched entirely to European alternatives for all my infrastructure since the beginning of the year.

Cloudflare > Bunny.net

AWS > Hetzner

Business email > Infomaniak

Not a single client site has experienced downtime, and it feels great to finally decouple from U.S. services.

spyridonas

As a European independent developer, I have completely switched all my infrastructure to European alternatives since the beginning of the year.

Cloudflare > Bunny.netAWS > HetznerBusiness email > Infomaniak

Not a single client site has experienced downtime, and it feels great to finally break free from reliance on U.S. services.

Europe is scaling back GDPR and relaxing AI laws

https://news.ycombinator.com/item?id=45983324

I sympathize with the startup argument: heavy compliance costs can stifle early innovation. But the solution shouldn’t be “weaker rules.” It should be smarter rules, clearer safe harbors for small actors, browser-level consent primitives for users, and stronger enforcement against dark-pattern CMPs. That keeps privacy meaningful without killing small businesses.

danishSuri1994

I sympathize with the startup argument: high compliance costs can stifle early innovation. However, the solution should not be “weaker rules”; it should be smarter rules, clearer safe harbors for small players, browser-level consent mechanisms for users, and stronger enforcement against dark-pattern CMPs. This way, privacy can remain meaningful without stifling small businesses.

Android/Linux Dual Boot

https://news.ycombinator.com/item?id=45990978

sideloading

It’s called installing. Language matters and I see no reason to concede this point in Google’s favour.

24t

This is called installation. Language matters, and I see no reason to concede this point to Google.

Building more with GPT-5.1-Codex-Max

https://news.ycombinator.com/item?id=45983533

I’ve been using a lot of Claude and Codex recently.

One huge difference I notice between Codex and Claude code is that, while Claude basically disregards your instructions (CLAUDE.md) entirely, Codex is extremely, painfully, doggedly persistent in following every last character of them – to the point that I’ve seen it work for 30 minutes to convolute some solution that was only convoluted because of some sentence I threw in the instructions I had completely forgotten about.

I imagine Codex as the “literal genie” – it’ll give you exactly what you asked for. EXACTLY. If you ask Claude to fix a test that accidentally says assert(1 + 1 === 3), it’ll say “this is clearly a typo” and just rewrite the test. Codex will rewrite the entire V8 engine to break arithmetic.

Both these tools have their uses, and I don’t think one approach is universally better. Because Claude just hacks its way to a solution, it is really fast, so I like using it for iterative web work, where I need to tweak some styles and I need a fast iterative loop. Codex is much worse at that because it takes like 5 minutes to validate everything is correct. Codex is much better for longer, harder tasks that have to be correct — I can just write some script to verify that what it did works, and let it spin for 30-40 minutes.

johnfn

I have been using a lot of Claude and Codex recently.

I notice a huge difference between Codex and Claude code: while Claude basically ignores your instructions (CLAUDE.md), Codex is extremely, painfully, and doggedly persistent in following every last character of them – to the point where I’ve seen it spend 30 minutes convoluting a solution that was only convoluted because of a sentence I casually threw into the instructions and had completely forgotten about.

I think of Codex as the “literal genie” – it will give you exactly what you asked for. EXACTLY. If you ask Claude to fix a test that accidentally says assert(1 + 1 === 3), it will say “this is clearly a typo” and just rewrite the test. Codex will rewrite the entire V8 engine to break arithmetic.

Both tools have their uses, and I don’t think one approach is universally better. Because Claude just hacks its way to a solution, it is really fast, so I like using it for iterative web work, where I need to tweak some styles and need a fast iterative loop. Codex is much worse at that because it takes about 5 minutes to validate everything is correct. Codex is much better for longer, harder tasks that need to be correct — I can just write a script to verify that what it did works and let it run for 30-40 minutes.

Building more with GPT-5.1-Codex-Max

https://news.ycombinator.com/item?id=45983698

Claude basically disregards your instructions (CLAUDE.md) entirely

A friend of mine tells Claude to always address him as “Mr Tinkleberry”, he says he can tell when Claude is not paying attention to the instructions on CLAUDE.md when Claude stops calling him “Mr Tinkleberry” consistently.

nico

Claude basically disregards your instructions (CLAUDE.md) entirely. A friend of mine tells Claude to always address him as “Mr. Tinkleberry”; he says he can tell when Claude is not paying attention to the instructions on CLAUDE.md when Claude stops calling him “Mr. Tinkleberry” consistently.

Cognitive and mental health correlates of short-fo…

https://news.ycombinator.com/item?id=45985084

As someone who pays for YouTube, I don’t understand why I can’t disable shorts fully. They already have my money. What more do they want?

nverba

As a paying user, I really don’t understand why I can’t completely disable Shorts. They’ve already taken my money; what more do they want?

Gaming on Linux has never been more approachable

https://news.ycombinator.com/item?id=45985945

Community forums/support from big companies like Microsoft and Adobe tend to be completely useless. In most cases, all threads follow the same flow:

  • • Question with reasonable amount of detail.
  • • A reply from some “Community Helper” (Rank: Gold): “did you try reading the help files?”
  • • Another person with a “Staff” badge: “this isn’t our department”

[Thread closed.]

ronsor

Community forums/support from large companies like Microsoft and Adobe are often completely useless. In most cases, all threads follow the same pattern:

  • • A question with a reasonable amount of detail.
  • • A reply from some “Community Helper” (Rank: Gold): “Did you try reading the help files?”
  • • Another person with a “Staff” badge: “This isn’t our department.”

[Thread closed.]

I just want working RCS messaging

https://news.ycombinator.com/item?id=45976915

Yeah… I just started getting back into building sms/mms/rcs apps on Android and oh boy. It’s much more of a mess than I expected, and much more “oh so it’s basically just Google now, and they seem to be trying to lock it down further” than I expected (or hoped).

And you can’t even implement it yourself because it requires special permissions on Android, which you can only get if you’re a carrier/oem-blessed app. And the early “you’ll be able to build other apps, there will be an API like this: https://github.com/android-rcs/rcsjta ” promises (which would put it on par with sms/mms) never materialized, despite a reference implementation that did exactly that over a decade ago.

At this point I’m just totally against RCS and I’m intentionally turning it off. Why hand all of your messaging communications over to Google, when they’ve got such a consistent history of being hostile? We’re much better off going back to telling people not to use sms (or mms or rcs) at all because it’s insecure.

Groxx

Yeah… I just started getting back into building SMS/MMS/RCS apps on Android, and oh boy. It’s much messier than I expected, and much more “oh, so it’s basically just Google now, and they seem to be trying to lock it down further” than I expected (or hoped).

And you can’t even implement it yourself because it requires special permissions on Android, which you can only get if you’re a carrier/OEM-blessed app. The early promises of “you’ll be able to build other apps, there will be an API like this: https://github.com/android-rcs/rcsjta” (which would put it on par with SMS/MMS) never materialized, despite a reference implementation that did exactly that over a decade ago.

At this point, I’m completely against RCS and intentionally turning it off. Why would we hand all of our messaging communications over to Google, given their consistent history of hostility? We’re much better off going back to telling people not to use SMS (or MMS or RCS) at all because it’s insecure.

Cloudflare outage on November 18, 2025 post mortem

https://news.ycombinator.com/item?id=45973896

This showed up to Internet users trying to access our customers’ sites as an error page indicating a failure within Cloudflare’s network.

As a visitor to random web pages, I definitely appreciated this—much better than their completely false “checking the security of your connection” message.

The issue was not caused, directly or indirectly, by a cyber attack or malicious activity of any kind. Instead, it was triggered by a change to one of our database systems’ permissions

Also appreciate the honesty here.

On 18 November 2025 at 11:20 UTC (all times in this blog are UTC), Cloudflare’s network began experiencing significant failures to deliver core network traffic. […]

Core traffic was largely flowing as normal by 14:30. We worked over the next few hours to mitigate increased load on various parts of our network as traffic rushed back online. As of 17:06 all systems at Cloudflare were functioning as normal.

Why did this take so long to resolve? I read through the entire article, and I understand why the outage happened, but when most of the network goes down, why wasn’t the first step to revert any recent configuration changes, even ones that seem unrelated to the outage? (Or did I just misread something and this was explained somewhere?)

Of course, the correct solution is always obvious in retrospect, and it’s impressive that it only took 7 minutes between the start of the outage and the incident being investigated, but it taking a further 4 hours to resolve the problem and 8 hours total for everything to be back to normal isn’t great.

gucci-on-fleek

For users trying to access our customers’ sites, this appeared as an error page indicating a failure within Cloudflare’s network.

As a random web page visitor, I definitely appreciated this—much better than their completely false “checking the security of your connection” message.

This issue was not caused, directly or indirectly, by a cyber attack or malicious activity of any kind. Instead, it was triggered by a change to one of our database systems’ permissions.

Also appreciate the honesty here.

On November 18, 2025, at 11:20 UTC (all times in this blog are UTC), Cloudflare’s network began experiencing significant failures to deliver core network traffic.

By 14:30, core traffic was largely flowing normally. We worked over the next few hours to mitigate increased load on various parts of our network as traffic rushed back online. By 17:06, all systems at Cloudflare were functioning normally.

Why did this take so long to resolve? I read through the entire article, and I understand why the outage happened, but when most of the network goes down, why wasn’t the first step to revert any recent configuration changes, even those that seem unrelated to the outage? (Or did I misread something and this was explained somewhere?)

Of course, the correct solution is always obvious in retrospect, and it’s impressive that it only took 7 minutes from the start of the outage to the investigation of the incident, but it taking an additional 4 hours to resolve the problem and 8 hours total for everything to return to normal isn’t great.

A $1k AWS mistake

https://news.ycombinator.com/item?id=45978260

These sort of things show up about once a day between the three big cloud subreddit. Often with larger amounts

And it’s always the same – clouds refuse to provide anything more than alerts (that are delayed) and your only option is prayer and begging for mercy.

Followed by people claiming with absolute certainty that it’s literally technically impossible to provide hard capped accounts to tinkers despite there being accounts like that in existence already (some azure accounts are hardcapped by amount but ofc that’s not loudly advertised).

Havoc

These types of issues appear about once a day across the three major cloud subreddits, often involving larger amounts.

And it’s always the same – cloud providers refuse to offer anything more than delayed alerts, leaving you with no option but to pray and beg for mercy.

Then, there are always people who claim with absolute certainty that it’s literally technically impossible to provide hard-capped accounts for tinkers, despite the existence of such accounts (some Azure accounts are hard-capped by amount, but of course, that’s not widely advertised).

Verifying your Matrix devices is becoming mandatory…

https://news.ycombinator.com/item?id=45988038

I decommissioned my server 3 months ago and migrated my community back to IRC. I still had the IRC Podman containers kicking around, so that was easy.

I dealt with ~monthly issues around my devices not being correctly verified, messages not correctly decrypting, and various other rough UX edges. There seemed to be a lot of velocity in the beginning but the last couple of years have addressed approximately nothing in terms of the UX and it’s a crying shame as Matrix/Element (I no longer fully understand the difference/relationship between these entities) had a lot of potential.

unbolted3032

Three months ago, I decommissioned my server and migrated my community back to IRC. I still had the IRC Podman containers lying around, so that was easy.

I dealt with issues about once a month regarding my devices not being verified correctly, messages not decrypting properly, and various other rough user experience issues. There seemed to be a lot of momentum in the beginning, but over the last couple of years, there has been virtually no improvement in user experience, which is a real shame because Matrix/Element (I no longer fully understand the difference/relationship between these entities) had a lot of potential.

Leave a Comment