The best Hacker News stories from Show from the past day

from

All Show

from the past*

day week month

with these search terms:

Create follow Go back

Latest posts:

Show HN: Microcrad – Micrograd Reimplemented in C

Show HN: We post-trained a model that pen tests instead of refusing

Anthropic and OpenAI's publicly available models are explicitly guard-railed so that they refuse offensive tasks. And their cyber-focussed models are gated for enterprises. This leaves SMEs and mid market open to major vulnerabilities.<p>AI can be used as both an adversarial and defensive tool in the world of cyber. A worst case outcome is if only the adversaries have access.<p>Meanwhile, most existing AI cyber tools are just wrappers. The problem is that they still have all the guardrails on from the foundation model where they will inherit its refusals.<p>For this project we've post-trained a specific model on a decade of capture-the-flag contests. This won't be made available to anyone and everyone, but we do believe that responsible SMEs and midmarket companies also need access to these tools in order to identify key vulnerabilities in their systems; not just enterprises.<p>We have developed two modes that run over a CLI:<p>• Security scan: a read-only audit of your local codebase for vulnerabilities. It only reports what it can tie to a specific file and line, so you're not wading through vibes-based findings.<p>• Pen test: an active adversarial mode that will try to break a live system in a sandboxed environment. It proves each vulnerability by running the exploit and showing the request it sent and the response your code gave back, not a confidence score. Currently gated.<p>To show what the scan does, we pointed it at Bank of Anthos and it found an integer overflow in the transfer path: amount is an int, and amount + fee can overflow negative, so the balance check passes and you move funds you don't have. Plus the usual auth and secrets issues. (Bank of Anthos is Google's open-source bank. It's a known app and some of it is intentionally weak, which is the point: you can clone it and re-run the scan yourself instead of trusting a screenshot)<p>The base model is a Kimi K2.6 (open weights). We didn't pretrain from scratch. We post-trained it ourselves, SFT on CTF writeups, then RL with verifiable rewards against actual exploit checks.<p>How the harness works:<p>Along with the model we built the harness to support this. The harness runs on a multi-agent swarm: an orchestrator splits the job across subagents running in parallel, each owning a slice, then synthesising one report.<p>The CLI is a local binary (brew/curl). It reads your code locally, then sends context to our inference API over TLS tcpdump it and you'll see exactly what leaves and where. Install is free; and you can run a scan for free up to 2m tokens, then need to pay for tokens beyond this.<p>For full disclosure this is a product part of Cosine (YC W23)<p>Up for debate: tool safety, e.g. domain verification is one method that proves control but not necessarily permission. How would you gate a pen-test tool given that?

Show HN: Ember, a native iOS Hacker News reader I built around accessibility

I read HN on my phone every day and never really settled on a reader, so I wrote my own and finally tidied it up enough to put out there.<p>It's plain SwiftUI with no third-party dependencies. A few things I spent the most time on:<p>Comments are parsed and drawn as native text instead of being dumped into a web view. Links, italics, quotes and code blocks behave like the rest of the OS, text selection works, and threads collapse instantly. The whole comment tree comes back from the Algolia API in a single request, which felt a lot nicer than walking the Firebase API node by node.<p>Accessibility. Nothing depends on color on its own, so points, read state and selection all carry a shape or an icon too. VoiceOver reads each story as one coherent element with proper actions, Dynamic Type and Reduce Motion are respected, and there's a color-blind mode. The first-run setup actually looks at your device's accessibility settings, switches on the matching options, and tells you what it changed instead of making you hunt for them.<p>Then the usual things you'd expect: Top/New/Best/Ask/Show/Jobs, search, saved stories, read tracking, an in-app reader, light and dark, and a handful of accent colors.<p>It only talks to the public HN APIs, there's no account and nothing is tracked. Source and screenshots are in the repo.<p>I'd most like feedback on the comment rendering and the accessibility choices, since those were the parts I cared about getting right. Happy to answer anything about how it's put together.

Show HN: Make PDFs look scanned (CLI or in the browser via WASM)

I made this because the online "make my PDF look scanned" tools want you to upload your file to their servers, which feels sketchy at best. Also, I wasn't happy with the output they produce, I wanted something that looks realistic.

Show HN: StartupWiki – A Free Alternative to Crunchbase

I've been building StartupWiki, a free startup database designed to make it easier to discover and research companies.<p>The original motivation was frustration with how difficult it can be to find information on early-stage startups. Most databases need accounts, or subscriptions, ro just feel too cluttered. I wanted a website that felt like Wikipedia, no accounts, no subscriptions, no weird metrics, just go in, the info is on the page.<p>The project is still very early, but currently includes:<p>Startup profiles Search and filtering Company categorization Public API (in progress)<p>I'm especially interested in feedback on:<p>What information you look for when researching startups Features missing from existing startup databases API use cases<p>I'd love to hear feedback.

Show HN: Pagecast – Publish Markdown/HTML Reports to Cloudflare Pages

I built this because I kept generating HTML/Markdown reports from Claude Code/Codex and needed a permanent share link instead of a localhost tunnel. Pagecast is a local CLI that publishes those files to your own Cloudflare Pages account.<p>It supports Markdown and HTML, stable URLs, renaming, republishing to the same URL, and watch mode for continuous updates to same file. It is MIT licensed.<p>The main design choice is that there is no hosted Pagecast account. It uses your Cloudflare account and deploys there directly and has claude code and codex integrations as skill/hooks.<p>Basically it can be used as a replacement for codex sites or claude artifacts

Show HN: Modeloop – From visual algorithms to microcontroller C code

Show HN: Metiq: a real time 3D globe for 100 public datasets

The concept for metiq.space came after playing Global Magnates with friends and realizing how fragmented live global data is. ships, aircraft, satellites, ports, weather, hazards, infrastructure, cyber, and public datasets all exist, but they usually live in separate tools and maps.<p>The goal was to build one interactive 3D globe where live public data could be visualized by latitude, longitude, and altitude. Surface data stays on the globe, while aircraft, satellites, and other above surface things can be represented in actual 3D space instead of being flattened onto a map.<p>The outcome is an interactive globe that showcases Earth, air, sea, space, cyber, defense, infrastructure, politics, and the list is continuously growing.<p>Majority of development right now is going into data filtering and deduping.

Show HN: Metiq: a real time 3D globe for 100 public datasets

The concept for metiq.space came after playing Global Magnates with friends and realizing how fragmented live global data is. ships, aircraft, satellites, ports, weather, hazards, infrastructure, cyber, and public datasets all exist, but they usually live in separate tools and maps.<p>The goal was to build one interactive 3D globe where live public data could be visualized by latitude, longitude, and altitude. Surface data stays on the globe, while aircraft, satellites, and other above surface things can be represented in actual 3D space instead of being flattened onto a map.<p>The outcome is an interactive globe that showcases Earth, air, sea, space, cyber, defense, infrastructure, politics, and the list is continuously growing.<p>Majority of development right now is going into data filtering and deduping.

Show HN: Talos – Open-source WASM interpreter for Lean

At Cajal (YC W26) we’re excited to share Talos (<a href="https://github.com/cajal-technologies/talos" rel="nofollow">https://github.com/cajal-technologies/talos</a>), an open source framework for formal verification of WebAssembly modules in Lean.<p>AI is now writing tons of the code that gets pushed to production. As code generation gets cheaper, verification becomes the bottleneck. We believe in a future where every piece of software comes with a mathematical proof that it does what its author intended - in doing so, eliminating many classes of exploits. Talos is part of the foundation for that.<p>Talos provides a Wasm interpreter optimized for reasoning at the binary level, together with a weakest-precondition calculus layer for proving properties about programs. Because we reason directly about WebAssembly, any language with a Wasm backend is in scope: Rust, C++, Go, C, Swift, Kotlin, Zig, C#, and many more.<p>To make this possible, we use Lean: a programming language and theorem prover that lets you both write software and mathematically prove that it's correct - all in one system. That's what lets Talos double as both an executable interpreter and the formal object Lean reasons about. Lean also integrates with modern AI proving tools, discharging goals automatically via both proof search and direct evaluation.<p>To see Talos in action check out a proof for Stein's GCD algorithm, implemented in the popular Rust crate num-integer: <a href="https://github.com/cajal-technologies/talos/blob/main/programs/lean/Project/NumInteger/Spec.lean#L562-L588" rel="nofollow">https://github.com/cajal-technologies/talos/blob/main/progra...</a>.<p>Our roadmap:<p>- Full Wasm coverage by first passing the official W3C testsuite, then later verifying against SpecTec (formal Wasm spec) - Arbitrary crate verification - any Rust crate that compiles to Wasm should be in scope - Building our proof library codelib, to make verifying increasingly complex programs tractable<p>We would love to hear the community’s feedback on Talos and comments on the state of formal verification right now. Contributions are also welcome!

Show HN: Talos – Open-source WASM interpreter for Lean

At Cajal (YC W26) we’re excited to share Talos (<a href="https://github.com/cajal-technologies/talos" rel="nofollow">https://github.com/cajal-technologies/talos</a>), an open source framework for formal verification of WebAssembly modules in Lean.<p>AI is now writing tons of the code that gets pushed to production. As code generation gets cheaper, verification becomes the bottleneck. We believe in a future where every piece of software comes with a mathematical proof that it does what its author intended - in doing so, eliminating many classes of exploits. Talos is part of the foundation for that.<p>Talos provides a Wasm interpreter optimized for reasoning at the binary level, together with a weakest-precondition calculus layer for proving properties about programs. Because we reason directly about WebAssembly, any language with a Wasm backend is in scope: Rust, C++, Go, C, Swift, Kotlin, Zig, C#, and many more.<p>To make this possible, we use Lean: a programming language and theorem prover that lets you both write software and mathematically prove that it's correct - all in one system. That's what lets Talos double as both an executable interpreter and the formal object Lean reasons about. Lean also integrates with modern AI proving tools, discharging goals automatically via both proof search and direct evaluation.<p>To see Talos in action check out a proof for Stein's GCD algorithm, implemented in the popular Rust crate num-integer: <a href="https://github.com/cajal-technologies/talos/blob/main/programs/lean/Project/NumInteger/Spec.lean#L562-L588" rel="nofollow">https://github.com/cajal-technologies/talos/blob/main/progra...</a>.<p>Our roadmap:<p>- Full Wasm coverage by first passing the official W3C testsuite, then later verifying against SpecTec (formal Wasm spec) - Arbitrary crate verification - any Rust crate that compiles to Wasm should be in scope - Building our proof library codelib, to make verifying increasingly complex programs tractable<p>We would love to hear the community’s feedback on Talos and comments on the state of formal verification right now. Contributions are also welcome!

Show HN: 10x better performance from the Coding Harnesses with LLM-wiki

Show HN: Deconvolution – a Rust image deconvolution and restoration crate

I've been working on deconvolution, a comprehensive Rust image deconvolution and restoration library. Deconvolution implements 28 different image deconvolution/restoration methods which range from practical blur removal techniques to research-grade scientific imaging algorithms.<p>Features:<p>- Top-level functions use image::DynamicImage and return images<p>- Inverse filters, Wiener, Richardson-Lucy, constrained, proximal, Krylov, MLE restoration<p>- Blind Richardson-Lucy, blind maximum likelihood, parametric PSF estimation<p>- Kernel2D, Kernel3D, Transfer2D, Transfer3D, Blur2D/Blur3D<p>- Gaussian, motion, defocus, microscopy models, support utilities, PSF/OTF conversion<p>- Edge tapering, apodization, range normalization, NSR estimation<p>- Deterministic blur, noise, synthetic fixture generation<p>- ndarray support for 2D image arrays and 3D volume<p>this project is a WIP, of course:)

Show HN: Spin Lab

Hey HN, I built Spin Lab: a browser-based interactive explainer for table-tennis spin. It visualizes topspin/backspin, spin rate, ball trajectory, bounce behavior, and why the opponent’s return reacts the way it does. I built it because spin is central to table tennis, but most explanations are either too hand-wavy or too static.<p>Thanks Fable, we miss you

Show HN: We built an 8-bit CPU as 2nd year EE students

Hi! me and my friends together built an 8 bit CPU implemented in Logisim purely from scratch. The control unit of this system does not implement the generic microcode ROM or any kind of RAM. This was made purely from discrete logic gates and coded the system to run different programs.<p>key features: Custom 16-instruction Harvard ISA, 8-bit fixed format, 4 general purpose registers<p>Hardwired control unit built entirely from AND/OR gate logic matrix<p>Dual-phase clocking to eliminate race conditions<p>Bootstrap Control Unit that cold-boots via ROM-to-RAM transfer Early-exit conditional branching that saves upto 25% cycles when conditions aren't met<p>Full design specification document with version control<p>Since this was our first time doing such teamwork and a new thing we used RISC based system that fetches an 8-bit instruction from Instruction memory 4 bits of which translate to an instruction the last two bits are for source and destination registers. There are a total of 4 registers in the system with two memory units namely Data SRAM and I SRAM, the system follows a Harvard architecture.<p>There are design discrepancies too since it was our first time designing such a system and on top of that completely hardwired too.<p>To solve the problem of cold booting a bootloader is present too that copies the contents of a temporary ROM into instruction RAM and then hands over the reins to the CPU.<p>We also implemented conditional branching as well as early exit branching too that only checks for zero or carry flag and branches without wasting cycles, if the conditions are not met the Program counter increments.<p>Moreover we also created a complete documentation with version control describing each necessary part assuming prior knowledge.<p>Please take a look at it at <a href="https://github.com/c0rRupT9/STEPLA-1" rel="nofollow">https://github.com/c0rRupT9/STEPLA-1</a><p>For future development I want to implement a RISC CPU using FPGA's and connect it to an actual DRAM. We are also selling the full spec document and Logisim files for $5 to fund our passion <a href="https://tcfdiq.gumroad.com/l/zyyux" rel="nofollow">https://tcfdiq.gumroad.com/l/zyyux</a> Thankyou!

Show HN: We built an 8-bit CPU as 2nd year EE students

Hi! me and my friends together built an 8 bit CPU implemented in Logisim purely from scratch. The control unit of this system does not implement the generic microcode ROM or any kind of RAM. This was made purely from discrete logic gates and coded the system to run different programs.<p>key features: Custom 16-instruction Harvard ISA, 8-bit fixed format, 4 general purpose registers<p>Hardwired control unit built entirely from AND/OR gate logic matrix<p>Dual-phase clocking to eliminate race conditions<p>Bootstrap Control Unit that cold-boots via ROM-to-RAM transfer Early-exit conditional branching that saves upto 25% cycles when conditions aren't met<p>Full design specification document with version control<p>Since this was our first time doing such teamwork and a new thing we used RISC based system that fetches an 8-bit instruction from Instruction memory 4 bits of which translate to an instruction the last two bits are for source and destination registers. There are a total of 4 registers in the system with two memory units namely Data SRAM and I SRAM, the system follows a Harvard architecture.<p>There are design discrepancies too since it was our first time designing such a system and on top of that completely hardwired too.<p>To solve the problem of cold booting a bootloader is present too that copies the contents of a temporary ROM into instruction RAM and then hands over the reins to the CPU.<p>We also implemented conditional branching as well as early exit branching too that only checks for zero or carry flag and branches without wasting cycles, if the conditions are not met the Program counter increments.<p>Moreover we also created a complete documentation with version control describing each necessary part assuming prior knowledge.<p>Please take a look at it at <a href="https://github.com/c0rRupT9/STEPLA-1" rel="nofollow">https://github.com/c0rRupT9/STEPLA-1</a><p>For future development I want to implement a RISC CPU using FPGA's and connect it to an actual DRAM. We are also selling the full spec document and Logisim files for $5 to fund our passion <a href="https://tcfdiq.gumroad.com/l/zyyux" rel="nofollow">https://tcfdiq.gumroad.com/l/zyyux</a> Thankyou!

Show HN: Gerrymandle - Daily puzzle game where you redraw electoral districts

Show HN: Gerrymandle - Daily puzzle game where you redraw electoral districts

Show HN: Gerrymandle - Daily puzzle game where you redraw electoral districts

Show HN: Are You in the Weights?

With more traffic moving off-web and into LLMs, I got curious about what traces we leave "in the weights". My design partner and I built a site in the past few weeks that checks recognition across frontier and small models. It queries many of them in parallel, clusters the responses, and tells you how strongly they recognize you. Happy to answer any questions here!