HackerNews Digest

In January 2026 Iran imposed a nationwide communications shutdown, cutting global internet access for over 90 million people. NetFreedom Pioneers responded with Toosheh, a one‑way data‑delivery system that piggybacks on free‑to‑air satellite TV. Using a digital video broadcasting (DVB) receiver, users capture an MPEG transport stream that carries compressed bundles of news, videos, software and tutorials in .ts format. The stream is broadcast via a Yahsat satellite over the Middle East; no subscription or two‑way link is required, making the transmission untraceable. To mitigate terrestrial jamming, Toosheh adds 5‑30 % redundant packets, enabling reconstruction of lost data. Operating costs are fixed—tens of thousands of dollars per month for satellite bandwidth—while end‑user hardware costs under $50. Since 2015, Toosheh has supported protests, delivered anti‑censorship tools, and expanded to public education, with plans for intelligent curation and offline sharing. It complements limited Starlink deployments, offering a low‑cost, resilient alternative for information access under severe internet blackouts.

The author envisions a hybrid computing model that leverages physical interaction—pen‑strokes on paper, note cards, wall‑mounted calendars—while retaining digital benefits such as persistence, synchronization, and AI‑driven transcription. By uploading handwritten drafts to ChatGPT, near‑perfect digital copies can be created, enabling tasks like email responses or document markup without direct screen use. Physical layouts provide multidimensional cues (size, color, position) and allow ad‑hoc manipulation (stacking, cutting, taping) that software lacks. However, conventional digital tools (virtual calendars, smartphones) offer automatic updates, time‑zone handling, and cross‑application integration, which the author finds essential but intrusive due to constant notifications and multitasking demands. A proposed solution is mode‑specific operating environments that restrict functionality to a single task (e.g., lookup‑only, typewriter‑only). The piece also references autonomous earth‑moving machines that could revive labor‑intensive, adaptive construction methods, suggesting that advanced technology might reduce reliance on screens rather than increase it. The central question is how to blend physical affordances with digital convenience to minimize screen interaction.

The article discusses Anthropic’s Mythos, a large language model (LLM) claimed to excel at cybersecurity tasks. A third‑party assessment by the AI Security Institute (AISI) found Mythos outperformed other models (Opus 4.6, GPT‑5.4) in a 32‑step corporate network attack simulation, completing the task in 3 of 10 runs, whereas the others failed. Each attempt was allocated 100 million tokens (≈ $12,500), and AISI observed no diminishing returns as token budgets increased. The author argues this creates a “proof‑of‑work” security economy: defenders must spend more tokens on exploit discovery than attackers spend on exploitation. Consequences include heightened reliance on open‑source software (to benefit from token‑driven audits) and a three‑phase development pipeline—development, code‑review, and hardening—where the final phase is token‑budget limited. The piece suggests continuous, budgeted AI‑driven security testing could become standard, but effectiveness remains tied to the cost of tokens relative to exploit value.

The author built a reusable Go viewport component for terminal user interfaces (TUIs) to handle large, styled text blocks such as logs and manifests. Integrated with the Bubble Tea framework, the component provides a resizable, scrollable box with a position indicator, horizontal panning for unwrapped text, ANSI styling support, Unicode‑aware width calculations, and efficient handling of multi‑line items. It is divided into three modules: **Item** (maps code points to byte offsets and terminal cell widths), **Viewport** (displays items and manages navigation), and **FilterableViewport** (adds regex, case‑insensitive, and exact‑match search with match navigation and context toggling). Selection can be enabled to return a generic object via `GetSelectedItem`. The component powers the author’s TUI tools—`kl` for Kubernetes logs and `lore`, a personal pager set as `$PAGER`. Installation is via `go run` or a Docker image, and the implementation emphasizes performance even with extensive text.

None

Amandla Thomas‑Johnson, a dual‑British/Trinidad‑and‑Tobago Ph.D. candidate on a U.S. student visa, attended a brief pro‑Palestinian protest at Cornell in September 2024. In April 2025 ICE issued an administrative subpoena for his Google account data; Google complied in May 2025 and sent Thomas‑Johnson an email confirming the release without providing prior notice or an opportunity to challenge the request, contrary to its longstanding policy of notifying users before disclosing data. The subpoena sought subscriber information—including IP addresses, physical address, identifiers, and session timestamps—which together can construct a detailed surveillance profile. The Electronic Frontier Foundation (EFF) obtained the subpoena, filed complaints with the California and New York attorneys general alleging deceptive trade practices, and highlighted the broader risk of state authorities leveraging corporate data without user safeguards. The case underscores concerns about the intersection of governmental investigative power, private data repositories, and the erosion of users’ ability to contest law‑enforcement data requests.

The page is titled “God sleeps in the minerals” and is hosted on the Chamblissian site. The visible content consists solely of the title repeated as a heading and two visual elements identified only by their alt‑text descriptors: “Unknown’s avatar” and “equipettf1’s avatar.” No additional narrative, explanatory text, or contextual information about the phrase “God sleeps in the minerals” is provided. Consequently, the page offers no substantive discussion, arguments, or data related to the title’s implied theme, and the only material present is the heading and the two avatar images.

Cal.com is transitioning its production codebase from open source to closed source, citing heightened security risks posed by AI. The company argues that modern AI tools can rapidly scan publicly available code, identify vulnerabilities, and generate exploits, effectively giving attackers “blueprints” to the software. Recent AI‑driven security startups have produced multiple, sometimes conflicting vulnerability reports, making it hard to determine a reliable security baseline. To protect user data, Cal.com chose to close its main code while still supporting the open‑source community by releasing a separate MIT‑licensed version, Cal.diy, which diverges significantly from the production system (including rewrites of authentication and data handling). The decision references an AI discovery of a 27‑year‑old BSD kernel flaw as evidence of the accelerated threat landscape. Cal.com hopes to revert to open source when security conditions improve.

McDonald’s Japan notes that most menu, allergen, nutrition, and origin details are provided only in Japanese, except for limited English information such as ordering prompts and a few restaurant English menus. Allergen labeling follows Japanese standards (8 mandatory ingredients, 20 recommended) as of September 2024. The page lists visual assets for a broad range of products, primarily burgers and related items, with alt‑text identifiers for each image. Items include: various chicken‑based sandwiches (Tartar Yurinchi‑style Chicken Tatsuta, Cheese Chicken Tatsuta, Chicken McMuffin, McChicken®, McChicken® Cheese), classic beef burgers (Big Mac®, Double Cheeseburger, Hamburger, Cheeseburger), regional “Bai” variations (Bai Big Mac, Bai Double Cheeseburger, Bai Teriyaki McBurger, etc.), fish options (Filet‑O‑Fish®, Shrimp Filet‑O), pork (McPORK®), and breakfast items (Egg McMuffin®, Bacon Egg McSandwich, Sausage Egg Muffin, Mega Muffin, McGriddles variants). The collection reflects the full burger lineup and associated limited‑time or specialty offerings displayed on the site.

Spherical harmonics (SH) form an infinite orthonormal basis of polynomial functions on the unit sphere, allowing any continuous directional function—such as radiance \(L_i(p,\omega_i)\) or irradiance—to be expressed as a weighted sum of SH basis functions \(Y_\ell^m\). By truncating the series to a finite number of coefficients, usually the first few “frequency bands” (degrees \(\ell\)), one obtains a low‑frequency approximation that is cheap to evaluate. Each band \(\ell\) contains \(2\ell+1\) functions indexed by order \(m\in[-\ell,\ell]\); low \(\ell\) captures coarse variation, while higher \(\ell\) encodes finer detail. Real‑time graphics typically restrict \(\ell\le 2\) or 3, balancing accuracy and storage. The article provides JavaScript definitions for SH basis functions up to \(\ell=3\) (constants \(C\) derived from \(\sqrt{1/\pi}\) factors) and an `evalSHBasis(d,l)` routine that returns the evaluated basis values for a direction \(d=(x,y,z)\). This practical code enables developers to compute SH coefficients for lighting or other spherical data.