HackerNews Digest

April 30, 2026

Where the Goblins Came From

Comments express alarm that a specific prohibition on mentioning certain creatures appears in the system prompt, interpreting it as evidence of hidden training biases that can propagate through reinforcement learning. Users speculate that such quirks arise from reward shaping and may reflect broader cultural emergence within models, while also requesting transparency about other idiosyncrasies. Humor and anecdotal examples are interspersed, but the dominant view is that the phenomenon reveals unintended, hard‑to‑detect influences in LLM behavior and warrants further scrutiny.

Craig Venter has died

Comments express respectful mourning and admiration for Craig Venter, highlighting his pioneering role in genome sequencing, synthetic biology, and the Global Ocean Sampling Expedition. Contributors note his entrepreneurial spirit, willingness to engage personally, and influence on scientific progress, while also acknowledging his later focus on longevity and a controversial public image. Personal anecdotes emphasize his generosity in conversation and mentorship, and overall sentiment is appreciative of his achievements and legacy despite occasional criticism of his ego‑driven approach.

Zed 1.0

Zed 1.0 is a native desktop code editor built from the ground up in Rust, using a custom GPU‑accelerated UI framework (GPUI) rather than web‑based technologies like Electron. By owning the entire stack, the team eliminated platform constraints and achieved higher performance and extensibility. The editor now supports a full language ecosystem (Git, SSH, debugging, etc.) across macOS, Windows, and Linux, with over a million lines of code. Zed is “AI‑native”: multiple AI agents (Claude, Codex, OpenCode, Cursor) can run in parallel via the Agent Client Protocol, providing keystroke‑level edit predictions. A forthcoming Business edition will add centralized billing, role‑based access, and team management. Development continues on DeltaDB, a CRDT‑based synchronization engine that records character‑level edits, enabling real‑time collaboration among humans and AI agents. Zed’s release cadence remains weekly, and the project is open to contributors and hiring.
The discussion shows strong enthusiasm for Zed’s speed, lightweight design, remote‑SSH integration, and the novel agent workflow, with many users citing it as a compelling alternative to heavier IDEs. Praise also extends to its modern UI, fast startup, and open‑source foundation. Recurrent criticisms focus on incomplete language support, intrusive warnings, limited extensibility, and UI quirks such as the search tab, diff view, terminal handling, theme accessibility, and licensing language. Platform‑specific performance or stability issues on Linux and macOS are noted, and several users request richer feature sets and configurability. Overall sentiment is mixed‑positive, acknowledging both impressive strengths and notable gaps.

Copy Fail

CVE‑2026‑31431 (“Copy Fail”) affects Linux kernels built from 2017 up to the patch release, encompassing virtually all mainstream distributions that enable the kernel crypto API (AF_ALG) by default. The vulnerability can be exploited locally by any unprivileged user without requiring network access, debugging features, or pre‑installed primitives. Tested kernels include 6.17.0‑1007‑aws, 6.18.8‑9.213.amzn2023, 6.12.0‑124.45.1.el10_1, and 6.12.0‑160000.9‑default; similar behavior is expected on Debian, Arch, Fedora, Rocky, Alma, Oracle, and embedded systems.

Impact categories and severity:

- Multi‑tenant Linux hosts (shared dev boxes, jump hosts, build servers): any user can obtain root – **High**.
- Kubernetes/containers: shared page cache allows a compromised pod to gain host‑level root – **High**.
- CI runners & build farms (GitHub Actions, GitLab, Jenkins): untrusted PR code can become root – **High**.
- Cloud SaaS running user code (notebooks, serverless functions): tenant can gain host root – **Medium**.
- Standard single‑tenant servers: local privilege escalation useful for chaining with other exploits – **Lower**.
- Single‑user workstations: provides a post‑exploitation privilege‑escalation step – **Low**.
Comments emphasize that the AF_ALG vulnerability (CVE‑2026‑31431) is viewed as serious due to its large attack surface and ease of exploitation, especially on systems with default crypto user‑API options enabled. Contributors note inconsistent vendor handling, delayed patches across distributions, and variable reproducibility of the PoC. Common mitigation advice includes updating to patched kernels, disabling CONFIG_CRYPTO_USER_API_* or the algif_aead module, and applying seccomp restrictions. There is criticism of AI‑generated write‑ups and a call for broader security review.

Biology is a Burrito: A text- and visual-based journey through a living cell

E. coli’s genome, if stretched, is ~1,000 × longer than the micrometer‑scale cell that contains it; a billion descendants could span the Earth‑Moon distance. The cell’s interior is ~70 % water, 30 % macromolecules (proteins, RNA, lipids), with DNA comprising ~1 % of mass, yet all fit within a volume ≈ 10⁻¹⁵ L. E. coli carries ~4,400 genes; ~25 % are actively transcribed. RNA polymerase moves ~40 bases s⁻¹, making an RNA in <30 s with ≈1 error per 10⁵ bases. Ribosomes translate an average protein in ~24 s; a cell harbors 3–4 million proteins. Small molecules diffuse ≈1 cm s⁻¹, whereas proteins travel only a few micrometers per second, setting an upper size limit for cells. Even at 0.5 mM substrate (1 per 10⁵ water molecules), enzymes encounter ~5 × 10⁵ substrate collisions s⁻¹. These quantitative facts illustrate that cellular biochemistry operates in an extremely crowded, dynamic environment, and that mathematical analysis is essential for understanding biological rates, efficiencies, and constraints.
The comments convey strong admiration for the complexity and precision of cellular processes, especially DNA transcription, describing the depiction as beautiful and reminiscent of high‑fidelity 3D animations. Readers express enthusiasm for integrating quantitative, mathematical thinking into biology education and appreciate the detailed, awe‑inspiring nature of the work. Several commenters suggest that an animated video would communicate the material more effectively than text alone, indicating a preference for visual formats to capture the subject’s passion and intricacy.

Finetuning Activates Verbatim Recall of Copyrighted Books in LLMs

The repository implements the full experimental pipeline for “Alignment Whack‑a‑Mole: Finetuning Activates Verbatim Recall of Copyrighted Books in Large Language Models.” It provides:

- **Data preprocessing**: Convert EPUB → plain text, split into 300‑500 word excerpts, merge short chunks, generate plot summaries with GPT‑4o, and produce finetuning instructions in JSON format.
- **Finetuning scripts**: Support for OpenAI (GPT‑4o), Vertex AI (Gemini), and Tinker (DeepSeek) APIs. Includes LoRA training (rank 32, lr 5e‑4, 3 epochs) and batch generation of 100 completions per excerpt at temperature 1.0.
- **Evaluation tools**: Four memorization metrics (k‑recall, trim‑k, span‑threshold, etc.) and scripts for cross‑excerpt memorization analysis and cross‑model similarity (Jaccard of BMC coverage masks).
- **Utility setup**: Dependency management via `uv`, required Python packages, NLTK data download, and API‑key configuration.
- **Example data**: Small subset of excerpts and generations from *The Road* (full copyrighted content omitted).

Citation: Liu et al., “Alignment Whack‑a‑Mole,” arXiv 2603.20957 (2026).

Cursor Camp

The comments convey strong overall approval, highlighting the experiment’s whimsical art, nostalgic feel and inventive cursor‑based interactions that foster spontaneous social play. Many users praise the joy, creativity and the sense of community it creates, while also noting technical quirks such as touch‑pad latency in Firefox, overheating on mobile, occasional cursor loss on phones, and sensitivity or right‑click menu issues. Suggestions include adding personal avatars, varied terrain challenges, and clearer controls. Curiosity about the underlying multiplayer implementation appears alongside occasional mild motion‑sickness reports.

Functional Programmers need to take a look at Zig

The author evaluates Zig using three criteria: expressive noise, type‑system programmability, and “mean‑free path” (code before a surprise). Zig’s comptime is presented as a simpler alternative to Haskell‑style type‑level programming, enabling nominal types via singleton structs, sum types with unions, and type‑class‑like dictionaries created at compile time. Memory management is explicit but ergonomically supported through arenas and allocators, avoiding the pointer‑heavy, garbage‑collected models of languages such as Haskell, OCaml, and Lisp. The new IO interface (e.g., std.Io) resembles an IO monad, and closures, currying, and higher‑order functions are achievable without a GC. The author notes Zig’s “no spooky‑action‑at‑a‑distance” philosophy, which makes semantics predictable and reduces surprises compared with Rust or C++. Overall, Zig satisfies the author’s goals for low noise, strong compile‑time type manipulation, and a high mean‑free path, making it a promising systems language for functional programmers.
The discussion notes that IO in Zig is not a monad and can be handled as a globally injected object rather than through pure functional constructs. It observes that although dependencies could be modeled monadically, most languages and developers do not adopt this approach. Consequently, expectations of functional‑programming features in Zig may disappoint those who favor functional paradigms.

OpenTrafficMap

The OpenTrafficMap interface displays traffic‑light data. When no traffic light is selected, the message “Keine Ampel ausgewählt” appears. Users can interact with the map by clicking on a lane or connection, which displays debug information for that element. Selecting a specific traffic light reveals its associated signal groups. The UI thus provides a way to inspect individual traffic‑light configurations and the underlying lane/connection debug data directly on the map.
The comments express interest in the low‑cost 802.11p hardware enabling V2X messaging, noting its potential to broaden accessibility. Viewers appreciate the modern OSM visual style and consider the project promising, while also suggesting that wider participation through additional receivers could expand city coverage. Critiques focus on the lack of detailed information, limited functionality in the United States, and technical glitches such as connection failures, with some curiosity about possible vehicle‑tracking applications. Overall sentiment is cautiously positive, tempered by calls for more resources and broader support.

FastCGI: 30 years old and still the better protocol for reverse proxies

FastCGI is a 30‑year‑old binary wire protocol that can replace HTTP for communication between reverse proxies and backend services. Unlike HTTP/1.1, FastCGI provides explicit message framing, eliminating the parsing ambiguities that cause desynchronisation and request‑smuggling attacks. It also separates trusted proxy data from client‑supplied headers: proxy‑set parameters such as `REMOTE_ADDR` are passed unprefixed, while client request headers arrive under the `HTTP_` prefix (`HTTP_*`), so a client‑sent header such as `X‑Real‑IP` or `True‑Client‑IP` cannot be mistaken for a value set by the proxy. Major proxies (nginx, Apache, Caddy, HAProxy) support FastCGI backends with simple configuration directives (`fastcgi_pass`, `fcgi://`). In Go, switching from `http.Serve` to `fcgi.Serve` requires only a library import; the application handler and request/response types remain unchanged. Limitations include lack of WebSocket support, fewer tooling options (e.g., curl cannot query FastCGI directly), and less‑optimized server implementations that may yield lower throughput than modern HTTP/2 setups. Despite these drawbacks, FastCGI offers deterministic framing and secure header handling, making it a viable alternative for reverse‑proxy architectures that can tolerate its tooling gaps.
Comments show mixed but generally appreciative views of FastCGI, noting its robustness, performance and suitability for orchestration, while also emphasizing HTTP’s simplicity, flexibility and broader tooling support that often makes it the preferred default. Several contributors highlight limitations of FastCGI such as lack of native WebSocket handling, lossy URL encoding, and complex header trust issues, prompting suggestions for alternative protocols like WAS, proxy‑protocol extensions, or newer transports. There is recurring interest in improving trusted‑header handling, reducing protocol overhead, and revisiting older CGI approaches where they fit specific use cases.