HN Reader

Adding a feature because ChatGPT incorrectly thinks it exists (holovaty.com)

1261 points by adrianh 4d ago 420 comments

Nvidia won, we all lost (blog.sebin-nyshkim.net)

981 points by todsacerdoti 7d ago 570 comments

Bootstrapping a side project into a profitable seven-figure business (projectionlab.com)

958 points by jonkuipers 4d ago 255 comments

My open source project was relicensed by a YC company [license updated] (twitter.com)

932 points by sohzm 8d ago 504 comments

Local-first software (2019) (inkandswitch.com)

873 points by gasull 6d ago 295 comments

Introducing tmux-rs (richardscollin.github.io)

859 points by Jtsummers 8d ago 289 comments

Supabase MCP can leak your entire SQL database (generalanalysis.com)

831 points by rexpository 3d ago 462 comments

Bitchat – A decentralized messaging app that works over Bluetooth mesh networks (github.com)

779 points by ananddtyagi 5d ago 397 comments

Being too ambitious is a clever form of self-sabotage (maalvika.substack.com)

765 points by alihm 7d ago 208 comments

OpenAI’s Windsurf deal is off, and Windsurf’s CEO is going to Google (theverge.com)

732 points by rcchen 14h ago 470 comments

Measuring the impact of AI on experienced open-source developer productivity (metr.org)

701 points by dheerajvs 1d ago 457 comments

Are we the baddies? (geohot.github.io)

699 points by AndrewSwift 6d ago 522 comments

Grok: Searching X for "From:Elonmusk (Israel or Palestine or Hamas or Gaza)" (simonwillison.net)

676 points by simonw 1d ago 505 comments

The Rise of Whatever (eev.ee)

632 points by cratermoon 8d ago 506 comments

At Least 13 People Died by Suicide Amid U.K. Post Office Scandal, Report Says (nytimes.com)

624 points by xbryanx 1d ago 513 comments

Websites hosting major US climate reports taken down (apnews.com)

595 points by geox 9d ago 393 comments

US Court nullifies FTC requirement for click-to-cancel (arstechnica.com)

591 points by gausswho 3d ago 545 comments

Tree Borrows (plf.inf.ethz.ch)

574 points by zdw 2d ago 146 comments

Mercury: Ultra-fast language models based on diffusion (arxiv.org)

570 points by PaulHoule 4d ago 241 comments

Hidden interface controls that affect usability (interactions.acm.org)

561 points by cxr 6d ago 444 comments

Postgres LISTEN/NOTIFY does not scale (recall.ai)

556 points by davidgu 4d ago 298 comments

Linda Yaccarino is leaving X (nytimes.com)

545 points by donohoe 2d ago 1041 comments

Nobody has a personality anymore: we are products with labels (freyaindia.co.uk)

541 points by drankl 5d ago 497 comments

I extracted the safety filters from Apple Intelligence models (github.com)

537 points by BlueFalconHD 5d ago 435 comments

I used o3 to profile myself from my saved Pocket links (noperator.dev)

529 points by noperator 4d ago 203 comments

SVGs that feel like GIFs (koaning.io)

527 points by cantdutchthis 4d ago 131 comments

Open letter accuses BBC board member of having a conflict of interest on Gaza (theguardian.com)

524 points by mhga 4d ago 352 comments

Jane Street barred from Indian markets as regulator freezes $566M (cnbc.com)

518 points by bwfan123 5d ago 335 comments

Show HN: I wrote a "web OS" based on the Apple Lisa's UI, with 1-bit graphics (alpha.lisagui.com)

513 points by ayaros 5d ago 141 comments

ETH Zurich and EPFL to release a LLM developed on public infrastructure (ethz.ch)

502 points by andy99 17h ago 78 comments

Anthropic cut up millions of used books, and downloaded 7M pirated ones – judge (businessinsider.com)

494 points by pyman 5d ago 647 comments

Major reversal in ocean circulation detected in the Southern Ocean (icm.csic.es)

481 points by riffraff 8d ago 315 comments

A non-anthropomorphized view of LLMs (addxorrol.blogspot.com)

477 points by zdw 5d ago 418 comments

Show HN: Pangolin – Open source alternative to Cloudflare Tunnels (github.com)

472 points by miloschwartz 1d ago 114 comments

Google can now read your WhatsApp messages (neowin.net)

470 points by bundie 3d ago 321 comments

The force-feeding of AI features on an unwilling public (honest-broker.com)

452 points by imartin2k 6d ago 399 comments

Mini NASes marry NVMe to Intel's efficient chip (jeffgeerling.com)

452 points by ingve 7d ago 248 comments

Hannah Cairo: 17-year-old teen refutes a math conjecture proposed 40 years ago (english.elpais.com)

441 points by leephillips 5d ago 105 comments

Grok 4 Launch [video] (twitter.com)

431 points by meetpateltech 2d ago 598 comments

New sphere-packing record stems from an unexpected source (quantamagazine.org)

427 points by pseudolus 4d ago 217 comments

OBBB signed: Reinstates immediate expensing for U.S.-based R&D (kbkg.com)

425 points by tareqak 7d ago 370 comments

Bill Atkinson's psychedelic user interface (patternproject.substack.com)

423 points by cainxinth 1d ago 254 comments

The jank programming language (jank-lang.org)

414 points by akkad33 5d ago 134 comments

IKEA ditches Zigbee for Thread going all in on Matter smart homes (theverge.com)

406 points by thunderbong 3d ago 260 comments

The death of partying in the USA (derekthompson.org)

396 points by tysone 2d ago 701 comments

What a Hacker Stole from Me (mynoise.net)

390 points by wonger_ 6d ago 121 comments

Smollm3: Smol, multilingual, long-context reasoner LLM (huggingface.co)

385 points by kashifr 3d ago 75 comments

Apple vs the Law (formularsumo.co.uk)

377 points by tempodox 1d ago 391 comments

Why I left my tech job to work on chronic pain (sailhealth.substack.com)

372 points by glasscannon 7d ago 229 comments

How to Network as an Introvert (aginfer.bearblog.dev)

371 points by agcat 6d ago 139 comments

Chrome's hidden X-Browser-Validation header reverse engineered

5 dsekz 3 7/11/2025, 2:00:10 AM github.com ↗

Comments (3)

cebert · 1d ago
I have to imagine Google added these headers to make it easier for them to identify agentic requests vs human requests. What angers me is that this is yet another signal that can be used to uniquely fingerprint users.
dsekz · 1d ago
Dug into chrome.dll and figured out how the x-browser-validation header is generated. Full write up and PoC code here: https://github.com/dsekz/chrome-x-browser-validation-header

Why do you think Chrome bothers with this extra headers. Anti-spoofing, bot detection, integrity or something else?

twapi · 1d ago
Seems like they are using these headers only for google.com requests.