HN Reader

QUIC for the kernel (lwn.net)

104 points by Bogdanp 3h ago 63 comments

Gemini Embedding: Powering RAG and context engineering (developers.googleblog.com)

64 points by simonpure 2h ago 28 comments

Secure boot certificate rollover is real but probably won't hurt you (mjg59.dreamwidth.org)

33 points by zdw 1h ago 5 comments

How was the Universal Pictures 1936 opening logo created? (movies.stackexchange.com)

357 points by azeemba 7h ago 50 comments

MacBook Pro Insomnia (manuel.bernhardt.io)

195 points by speckx 4h ago 97 comments

Ubiquiti launches UniFi OS Server for self-hosting (lazyadmin.nl)

117 points by speckx 3h ago 83 comments

Launch HN: Gecko Security (YC F24) – AI That Finds Vulnerabilities in Code

27 points by jjjutla 2h ago 16 comments

AI Is a Floor Raiser, Not a Ceiling Raiser (elroy.bot)

37 points by jjfoooo4 1h ago 7 comments

Face it: you're a crazy person (experimental-history.com)

250 points by surprisetalk 3d ago 148 comments

Kaizen (YC X25) is hiring engineers to build browser agents that work (kaizenautomation.com)

1 points by michaelssilver 1h ago 0 comments

Show HN: AgentMail – Email infra for AI agents (chat.agentmail.to)

9 points by Haakam21 4h ago 0 comments

Introduction to Computer Music (cmtext.com)

201 points by hecanjog 7h ago 50 comments

I tried Servo (spacebar.news)

247 points by robtherobber 8h ago 174 comments

Ursa: A leaderless, object storage–based alternative to Kafka (streamnative.io)

68 points by netpaladinx 3h ago 22 comments

Show HN: Mcp-use – Connect any LLM to any MCP (github.com)

20 points by pzullo 2h ago 13 comments

Go Assembly Mutation Testing (words.filippo.io)

18 points by Metalnem 1h ago 1 comments

Carbon Language: An experimental successor to C++ (docs.carbon-lang.dev)

57 points by samuell 4h ago 34 comments

What is gVisor? (blog.yelinaung.com)

73 points by yla92 5h ago 43 comments

Zig Profiling on Apple Silicon (blog.bugsiki.dev)

55 points by signa11 2d ago 14 comments

Ferrari Status (collabfund.com)

15 points by surprisetalk 3d ago 18 comments

Show HN: Sourcebot – Self-hosted Perplexity for your codebase (github.com)

14 points by bshzzle 1d ago 1 comments

Show HN: The easiest accessibility (a11y) checker for VSCode (github.com)

5 points by beledev 2d ago 0 comments

NSW Fair Trading – Dark Patterns (nsw.gov.au)

55 points by ColinWright 5h ago 12 comments

How to Scan Force Pushed Commits for Secrets (trufflesecurity.com)

11 points by mmcclure 1h ago 0 comments

Advanced Rust macros with derive-deftly (diziet.pages.torproject.net)

14 points by todsacerdoti 2d ago 3 comments

Show HN: Astro dev blog template with 60 interactive colorschemes (multiterm.stelclementine.com)

11 points by stelcodes 1h ago 2 comments

So you're a manager now (scottkosman.com)

177 points by mooreds 6h ago 134 comments

U.S. senators introduce new pirate site blocking bill, "Block BEARD" (torrentfreak.com)

173 points by HieronymusBosch 4h ago 122 comments

150 years of Hans Christian Andersen (newstatesman.com)

111 points by wholeness 21h ago 33 comments

Orion Browser (kagi.com)

79 points by gtirloni 4h ago 57 comments

Following Up on the Python JIT (lwn.net)

73 points by Bogdanp 3d ago 32 comments

The Future of Programming (2013) (worrydream.com)

28 points by MattSayar 3h ago 5 comments

Magentic-UI: Towards Human-in-the-Loop Agentic Systems (arxiv.org)

24 points by fitzn 4h ago 5 comments

The Chrome Speculation Rules API allows the browser to preload and prerender (docuseal.com)

78 points by amadeuspagel 2h ago 56 comments

GEPA: Reflective prompt evolution can outperform reinforcement learning (arxiviq.substack.com)

80 points by che_shr_cat 8h ago 19 comments

Engineering Buy-In (venki.dev)

14 points by venkii 1h ago 2 comments

Sumo – Simulation of Urban Mobility (eclipse.dev)

135 points by Stevvo 3d ago 27 comments

How Long Before Superintelligence? (nickbostrom.com)

9 points by jxmorris12 1h ago 0 comments

Introduction to XEphem (Motif) (2006) (spiff.rit.edu)

9 points by hualapais 1h ago 2 comments

Many countries that said no to ChatControl in 2024 are now undecided (digitalcourage.social)

256 points by nickslaughter02 7h ago 165 comments

OpenAI's ChatGPT Agent casually clicks through "I am not a robot" verification (arstechnica.com)

197 points by joak 2d ago 233 comments

The Math Is Haunted (overreacted.io)

347 points by danabramov 22h ago 161 comments

Profiling without Source code – how I diagnosed Trackmania stuttering (larstofus.com)

38 points by ibobev 4d ago 3 comments

Go’s race detector has a mutex blind spot (doublefree.dev)

58 points by GarethX 2d ago 44 comments

How to trigger a command on Linux when power switches from AC to battery (dataswamp.org)

56 points by Mr_Minderbinder 8h ago 32 comments

Hundreds of agencies tap Atherton surveillance system for feds; Fails own rules (almanacnews.com)

40 points by creer 2h ago 18 comments

How Not to Study a Disease (2023) (neurofrontiers.blog)

11 points by wiry 2h ago 4 comments

GCP CloudQuarry: Searching for Secrets in Public GCP Images (trufflesecurity.com)

16 points by mooreds 4h ago 0 comments

Restaurant Industry Report from Square (squareup.com)

11 points by armdave 2h ago 10 comments

GenosDB (GDB) – Decentralized P2P Graph Database (npmjs.com)

24 points by estebanrfp 5h ago 4 comments

Secure boot certificate rollover is real but probably won't hurt you

33 zdw 5 7/31/2025, 5:21:07 PM mjg59.dreamwidth.org ↗

Comments (5)

M95D · 55m ago
> [...] systems that only trust the new certificate and not the old one would refuse to boot older Linux, wouldn't support old graphics cards, and also wouldn't boot old versions of Windows. Nobody wants that [...]

EVERYBODY wants that! And I mean ABSOLUTELY EVERYBODY! Updates are now mandatory everywhere, in both Windows and Linux, and GPU manufactureres would LOVE to make the old cards obsolete, even if technically the new cards aren't much better.

So expect to see the old certificate invalidated quickly and automatically, in the name of security, of course!

michaelt · 14m ago
Even if this did happen, there's a trivial workaround available: Just go into your BIOS and switch 'Secure Boot' off.

Secure Boot is a fine thing if you're a huge corporation and want to harden laptops against untrustworthy employees, or you've got such a huge fleet of servers they go missing despite your physical security controls, or you're making a TiVo style product you want to harden against the device owners. But when the user is the device owner? Doesn't do much.

trelane · 5m ago
> you're making a TiVo style product you want to harden against the device owners.

This sentence just makes me so sad

Arnavion · 14m ago
There is also the option of enrolling your own certs and resigning the bootloader and any Option ROMs you need, if you're really worried / expect to actually be broken by this.
dang · 39m ago
Recent and related:

Linux and Secure Boot certificate expiration - https://news.ycombinator.com/item?id=44601045 - July 2025 (265 comments)