Hacker News • Past 24h

The article argues that AI cybersecurity capability is highly task-dependent and “jagged,” showing that small, cheap open(-weights) models can reproduce much of Anthropic Mythos’s showcased vulnerability analysis, so the durable advantage lies in the surrounding security system and expertise rather than any single frontier model.

A bootstrapper outlines a practical playbook for building and scaling web products on minimal cost—using a single cheap VPS, Go binaries, local GPU-based AI for batch work, OpenRouter for frontier models, Copilot for coding, and SQLite (with WAL) instead of heavyweight cloud infrastructure.

UC Berkeley researchers show that eight leading AI agent benchmarks can be systematically “solved” via evaluation exploits (e.g., test hooks, answer leakage, prompt injection, and shared-environment tampering) without completing tasks, and propose an adversarial checklist and tooling (BenchJack) to harden benchmark design.

An iOS update removed the ability to enter the Czech háček character on the lock-screen keyboard for alphanumeric passcodes, leaving at least one iPhone user locked out and facing data loss unless Apple restores the character input.

This essay argues that widespread deployment of LLMs will primarily increase everyday frustration—by automating customer service, forcing people to bargain with inscrutable models, diffusing accountability for harmful decisions, and enabling new forms of manipulative advertising and “agentic commerce” dark patterns.

The post reverse-engineers macOS’s Apple Silicon two-VM limit, shows it’s enforced in the XNU hypervisor code via a quota variable, and demonstrates overriding it by booting a development kernel collection with specific boot-args to run many concurrent macOS VMs.

A US fifth circuit appeals court ruled that a Reconstruction-era federal ban on home distilling is unconstitutional, finding it an improper use of Congress’s taxing power and supportive of limits on federal authority.

This long-form post argues that Font Awesome’s rebranding of the Eleventy static-site generator into the monetized “Build Awesome” product repeats past failed attempts to commercialize SSG ecosystems and risks alienating the existing 11ty community.

The essay argues that as AI-driven disruption grows and powerful systems become physically and socially inaccessible, public anger will increasingly translate into real-world violence against the people associated with AI and data centers, with little good coming from it.