Apr 2, 2026

Hacker News Evening Brief - April 2, 2026

An evening snapshot of what Hacker News is reading: Google and Qwen both ship major model releases, LinkedIn gets caught running one of the largest browser surveillance operations ever documented, SpaceX targets a $1.75 trillion IPO, and a WordPress founder narrowly escapes a remarkably sophisticated phishing attack.

AI & Tech Policy

Gemma 4: Google’s Latest Open Models

Google released Gemma 4, a family of four open-weight models under the Apache 2.0 licence: a 31B dense model, a 26B MoE with 4B active parameters, and two mobile-focused variants at 2B and 4B. All models accept images and text, and the smaller two also accept audio input — an unusual combination for models this size. The 31B model features chain-of-thought reasoning and tool calling, while the 26B MoE offers similar quality at roughly twice the inference speed for the same VRAM. Benchmark charts prominently feature Codeforces ELO scores, where Gemma tops several rankings.

HN Discussion: Redis creator antirez called Google’s decision to lead benchmarks with Codeforces ELO “very misleading,” noting the dense 31B model doesn’t beat Qwen 3.5 27B on most measures. Others pointed out that the E2B and E4B variants are surprisingly capable for local deployment and could serve well for OCR and speech recognition on consumer hardware. Simon Willison tested image generation on each size and found the 26B MoE produced an “outstanding pelican,” while the 31B model was broken for him. Multiple commenters flagged the Apache 2.0 licence as the real differentiator.

Qwen 3.6 Plus: Alibaba’s Hosted-Only Model Claims Opus 4.5 Parity

Alibaba released Qwen 3.6 Plus, a closed-weight, hosted-only model that benchmarks close to Anthropic’s Opus 4.5. Unlike nearly all previous Qwen releases, the parameter count is undisclosed and no weights are downloadable. The model is available through Alibaba’s API and, temporarily, for free on OpenRouter. Smaller open-weight variants are promised “in the coming days.” The benchmarks provided compare against Opus 4.5 rather than the current Opus 4.6, which drew criticism.

HN Discussion: The dominant theme was frustration over the benchmark comparison targeting a previous-generation model. Several commenters argued Qwen built goodwill through open-weight releases and is now pivoting to a closed commercial strategy. Others pushed back, noting that Qwen has offered closed “Plus” and “Max” variants for over a year — this isn’t new. One commenter observed that B-tier models are now consistently six months behind frontier performance, meaning Opus 4.5-level intelligence will be cheap by late 2026.

Ask HN: Students Need AI Workflows, Not Just Coding

An Ask HN thread posed the question of whether education should shift from teaching traditional programming to teaching students how to orchestrate AI workflows — breaking down tasks into chains of agents that can complete specific work reliably. The premise is that the ability to decompose problems and direct AI tools may be more durable than learning any particular programming language.

HN Discussion: The top comment pushed back hard: “Students just aren’t using LLMs as a learning resource. They are using them as a way to avoid thinking, avoid research, and just spit out an answer they can paste into their homework.” Another commenter suggested that “AI workflows” essentially means learning software development — splitting tasks, orchestrating components, and ensuring reliability — which sounds like programming under a different name.

Sweden’s Schools Are Going Back to Physical Books

Sweden is reversing its aggressive digital-first education policy, bringing printed textbooks back into classrooms after years of declining reading comprehension correlated with increased screen time. The country had been among the world’s most aggressive adopters of one-to-one device programs in schools, but rising concerns about attention, comprehension, and the erosion of sustained reading habits prompted a national course correction.

HN Discussion: Comment was sparse on this story, but the topic resonates with a recurring HN theme: the gap between what technology promises for education and what it actually delivers in measured learning outcomes.

Security & Privacy

LinkedIn Is Illegally Searching Your Computer

Fairlinked e.V., an association of commercial LinkedIn users, published the results of a months-long investigation they call “BrowserGate.” Their central claim: every time any of LinkedIn’s one billion users visits linkedin.com, JavaScript silently probes for thousands of browser extensions by their Chrome Web Store IDs. The scan covers religious extensions (Islamic content filters), political tools (anti-Zionist taggers), neurodivergence aids, 509 job-search tools, and over 200 competitors to LinkedIn’s own sales products. Results are encrypted and transmitted to LinkedIn’s servers and to HUMAN Security, an American-Israeli cybersecurity firm. The investigation also alleges that LinkedIn’s EU Digital Markets Act “compliance” consists of two restricted APIs handling 0.07 calls per second, while its internal Voyager API handles 163,000 calls per second.

HN Discussion: The most upvoted comment tried to defuse the alarmist framing, arguing this is essentially browser fingerprinting with extra steps — common in ad-tech, not uniquely sinister. But others zeroed in on the specific harms: being flagged to your employer because LinkedIn detected a job-search extension, or having your religious beliefs catalogued alongside your real name and job title. Several commenters argued the real failure is Chrome’s, for allowing websites to probe extension IDs at all. One user reported finding a LinkedIn profile created in their name without their consent, tied to a consulting arrangement.

Gone (Almost) Phishin’ — Matt Mullenweg’s Near-Miss

WordPress co-founder Matt Mullenweg published a detailed account of a phishing attack he nearly fell for. The attackers first spam-triggered Apple’s password reset flow across his devices, then called Apple Support pretending to be him, opening a real support case that generated legitimate, properly-signed Apple emails. “Alexander from Apple Support” then called Mullenweg, offered sound security advice for several minutes to build trust, and finally sent a link to audit-apple.com — a pixel-perfect Apple replica displaying the real case ID. Mullenweg noticed he could enter any case ID and get the same result. “This is obviously phishing. So tell me about the scam,” he said. Alexander hung up.

HN Discussion: The key takeaway was how the attackers weaponised Apple’s own infrastructure — real support cases, real emails, real case IDs — to lend credibility to the phishing page. Several commenters noted this attack is a known technique documented by Krebs on Security since 2024. The fact that Mullenweg was running Apple’s Lockdown Mode and still received the reset bombardment was flagged as concerning.

Vulnerability Research Is Cooked

A post on sockpuppet.org argues that the field of vulnerability research has become unsustainable. The combination of increasingly hardened software, shrinking bug bounty payouts relative to the effort required, legal risks from researchers, and the dominance of well-funded government and corporate security teams has made independent vulnerability research economically and practically nonviable for most practitioners.

HN Discussion: Comments were sparse but the story resonated with security professionals who have watched the independent research community shrink. The broader theme of individual researchers being outcompeted by well-funded institutional programmes drew parallels with other areas of computing.

Mercor Hit by Cyberattack Linked to LiteLLM Supply Chain Compromise

Mercor, an AI recruiting startup valued at $10 billion, confirmed it was affected by a supply chain attack on the widely-used open-source LiteLLM library. The hacking group TeamPCP compromised LiteLLM’s package, and Lapsus$ subsequently claimed to have used the foothold to access Mercor’s data — sharing samples that included Slack conversations and ticketing data. The LiteLLM incident originated last week when malicious code was found in the project’s distribution package, which is downloaded millions of times daily. LiteLLM has since dropped controversial compliance startup Delve in favour of Vanta.

HN Discussion: Commenters connected this story to the broader Delve controversy, noting the chain of events: Delve handled LiteLLM’s compliance, Delve’s own practices came under whistleblower scrutiny, and now the downstream damage from a supply chain compromise is hitting companies like Mercor. The concentration of risk in widely-used open-source dependencies was a recurring theme.

Email Obfuscation: What Works in 2026

Spencer Mortensen ran a controlled experiment testing 15+ email obfuscation techniques against 318 real spam harvesters. The results are surprisingly clear: HTML entities block 95% of harvesters, HTML comments block 98%, and anything involving JavaScript (concatenation, ROT18, AES encryption) or CSS (display:none, SVG embedding) blocks 100%. Techniques that break usability — replacing characters with symbols, using images, CSS content-direction tricks — aren’t worth it when JavaScript-based methods are both perfectly accessible and fully effective.

HN Discussion: Several commenters were surprised that HTML entity encoding still works against 95% of harvesters, given how trivially it’s decoded. The broader lesson is that most spam harvesters are still remarkably unsophisticated. Some noted the irony that the simplest effective technique (a JavaScript concatenation) also preserves accessibility for screen readers.

Business & Industry

A $1.75 Trillion IPO Would Be Overpaying 30% for SpaceX

SpaceX filed confidentially for an IPO on April 1, 2026, targeting a $1.75 trillion valuation with a June listing — which would make it the largest IPO in history. This analysis breaks SpaceX into seven business segments — Starlink Consumer ($380B), xAI/Grok ($258B, anchored by the February merger), Starship Commercial Launch ($170B, pre-revenue), Starlink Enterprise/Maritime ($147B), Government/Defense ($123B), Falcon 9/Heavy ($100B), and Starlink Direct-to-Cell ($75B) — and concludes the sum-of-the-parts fair value is approximately $1.25 trillion, 29% below the target. The $500B gap represents “everything goes right” pricing: if investors are bullish on Starlink, they’re simultaneously bullish on Starship, xAI, and defence, pricing correlated upside across all segments.

HN Discussion: Commenters were most sceptical about the xAI valuation — $258B for a business with ~$430M quarterly revenue against $1.46B quarterly losses, valued almost entirely on a merger anchor from four months earlier. The 30% retail allocation (versus a typical 5-10%) was seen as a strategy to generate retail demand that absorbs the premium. Physical assets — satellites, launch pads, factories — are worth roughly $46B, just 2.6% of the IPO price.

Delve’s Reputation Gets Worse: YC Startup Accused of Forking Customer’s Open-Source Tool

The anonymous whistleblower “DeepDelver” alleges that Delve, a compliance startup that raised a $32M Series A from Insight Partners, took Sim.ai’s open-source agent-building product SimStudio and rebranded it as its own tool called Pathways — without proper licence attribution. Sim.ai’s CEO confirmed Delve had no licence agreement and that Sim.ai was actually a paying Delve customer. Delve has since scrubbed mentions of Pathways from its website, and Insight Partners appears to have removed its blog post about the investment.

HN Discussion: The irony of a compliance startup potentially violating an open-source licence wasn’t lost on anyone. The story is part of a widening scandal: the original allegations involved fake compliance certifications and rubber-stamping auditors, and now the supply chain is implicated too. Commenters questioned Insight Partners’ due diligence process.

IBM and ARM Collaborate on Dual-Architecture Enterprise Hardware

IBM and ARM announced a strategic collaboration to develop dual-architecture hardware combining IBM’s enterprise reliability and security with ARM’s power-efficient design. The work focuses on three areas: expanding virtualisation to let ARM software environments run on IBM platforms (like Z and LinuxONE), enabling those systems to meet enterprise availability and data sovereignty requirements, and building shared technology layers for long-term ecosystem growth. The collaboration sits alongside IBM’s existing Telum II processor and Spyre Accelerator investments.

HN Discussion: Comment was minimal given the corporate announcement nature of the story, but the signal is significant: IBM is essentially hedging its proprietary mainframe architecture by opening the door to ARM workloads, acknowledging that enterprise customers want workload portability.

Renewables Reached Nearly 50% of Global Electricity Capacity in 2025

IRENA’s 2026 Renewable Capacity Statistics report found that 692 GW of renewable capacity was added in 2025 — a record — pushing renewables to 49.4% of global installed electricity capacity. Solar accounted for nearly three-quarters of new additions. But the picture is mixed: renewables’ share of new capacity additions actually fell from 92% in 2024 to 85.6% in 2025, because non-renewable additions nearly doubled. China alone added 100 GW of non-renewable capacity, mostly coal. The US saw natural gas projects nearly triple, driven largely by AI datacentre demand.

HN Discussion: Commenters noted the crucial distinction between installed capacity and actual generation — 49.4% capacity doesn’t mean 49.4% of electrons. The AI datacentre-driven resurgence in fossil fuel construction was flagged as the uncomfortable subtext: the same tech companies funding renewable investment are also driving demand for gas and coal.

Tech Tools & Projects

Show HN: Numa — A DNS Resolver Built From Scratch in Rust

Numa is a single-binary DNS resolver written entirely in Rust — including a custom wire-protocol parser with zero DNS library dependencies. It combines recursive resolution from root nameservers, DNSSEC chain-of-trust validation, ad blocking (385K+ domains), and a developer-focused feature set: .numa local domains for development services, path-based routing (app.numa/api → port 5001), ephemeral DNS overrides, and LAN service discovery via mDNS. Cached queries resolve in under a millisecond. The author uses it as their daily system DNS.

HN Discussion: The author (rdme) chimed in to describe the DNSSEC implementation and confirm it’s their daily driver. Several commenters flagged the auto-TLS for local development as the killer feature — “so many hours wasted fighting mkcert and nginx configs.” One user questioned whether the UI appeared “vibecoded,” worrying it implied the backend was AI-generated too. Others asked about Docker/container networking support and compared it to AdGuard Home and Pi-hole. The single-binary, no-appliance approach was seen as a meaningful differentiator.

Lemonade Server: Local AI for Text, Images, and Speech on GPUs and NPUs

Lemonade is an open-source local AI server that provides chat, image generation, and speech synthesis through a unified OpenAI-compatible API. The native C++ backend is just 2MB, auto-configures for available hardware (GPUs, NPUs, or both), and works with multiple inference engines including llama.cpp and Ryzen AI Software. A built-in GUI lets users download, try, and switch models. It’s designed to make running local models a one-minute install rather than an afternoon of configuration.

HN Discussion: Comment was sparse on this one, but the project targets a real pain point: the gap between “I want to run a local model” and actually having one working. The unified API across modalities — chat, vision, image gen, transcription, speech — in a 2MB binary was the most notable technical claim.

SQLite Features You Didn’t Know It Had

A practical walkthrough of six under-appreciated SQLite capabilities: JSON storage and querying via json_extract() with index support, full-text search through the FTS5 extension (with phrase queries, prefix searches, and ranking), analytics via window functions and CTEs, strict table typing that rejects invalid types at insert time, generated columns (virtual or stored) that keep derived data in sync automatically, and write-ahead logging (WAL) mode that eliminates reader-writer blocking in concurrent workloads.

HN Discussion: The piece reinforced SQLite’s growing reputation as a legitimate alternative to client-server databases for many workloads. WAL mode and strict tables were flagged as the features most developers overlook — WAL particularly for any application with concurrent read/write patterns.

emacs-libgterm: Ghostty’s Terminal Engine Inside Emacs

A terminal emulator for Emacs built on libghostty-vt, the terminal emulation library from the Ghostty terminal emulator. The architecture mirrors emacs-libvterm but uses Ghostty’s engine for SIMD-optimised VT escape sequence parsing, better Unicode and grapheme cluster support, text reflow on resize, and Kitty graphics protocol support. It’s an early prototype (“fully vibe coded,” per the author) and currently only tested on macOS with Apple Silicon, requiring Zig 0.15.2+ to build.

HN Discussion: The project attracted attention from the Emacs community as a potential successor to libvterm. The choice of Ghostty’s engine was seen as smart — leveraging an actively-maintained, high-performance terminal implementation rather than building one from scratch.

Reinventing the Pull Request

A blog post arguing that the standard pull request workflow — large diffs, back-and-forth review cycles, merge conflicts from long-lived branches — is overdue for rethinking. The piece proposes alternative models for code review that reduce the friction of the traditional PR process and better suit modern development practices including AI-assisted coding.

HN Discussion: Comment was limited, but the topic touches a nerve for developers working in teams where PRs have become bureaucratic bottlenecks. The tension between thorough code review and shipping velocity is familiar territory for HN.

Bringing Clojure to Enterprise at Michelin

A Michelin engineer describes the decision to use Clojure for a new reference data system in manufacturing. The key driver was the need for frequently-evolving business rules expressed as DSLs rather than hard-coded logic. Clojure’s Lisp heritage — code-as-data, homoiconicity, and a powerful macro system — made it possible to implement a declarative rules engine using little more than a single Clojure data structure. Libraries like malli (data validation) and specter (data transformation) replaced what would have been significant boilerplate in Java. The piece notes that ThoughtWorks has rated Clojure as “Adopt” since 2014.

HN Discussion: Comment was sparse, but the piece resonates with the recurring HN interest in functional programming gaining ground in enterprise settings. The specific angle — using Clojure’s macro system to build internal DSLs that business stakeholders can read — is the kind of pragmatic functional programming story that does well here.

Artemis Computer Will Run Outlook So Astronauts Can Read Emails in Space

NASA’s Orion spacecraft, the crew vehicle for the Artemis programme, will run Microsoft Outlook as part of its computing stack so astronauts can manage email communications during missions. The Register reports that the decision to include a conventional email client in a spacecraft’s IT infrastructure highlights the tension between astronaut comfort with familiar tools and the unique constraints of space computing.

HN Discussion: The idea of running Outlook in space drew predictable jokes about Outlook being the real disaster. More seriously, commenters questioned the attack surface implications of running desktop email software on a spacecraft and whether the connectivity architecture for interplanetary email had been adequately thought through.

Web & Infrastructure

EmDash: Cloudflare’s Open-Source CMS Built on Astro

Cloudflare released EmDash on April 1st — initially assumed to be a prank, but it’s real. It’s a fully open-source CMS built on TypeScript and Astro 6.0, running serverless on Cloudflare Workers (or any Node.js server) with SQLite/D1 as the database. Content is stored as structured JSON rather than raw HTML. The most distinctive feature is its security model: plugins run in sandboxed isolates and must explicitly declare what they need access to, similar to OAuth scopes — a direct response to WordPress’s plugin security problems. AI agents are treated as first-class users of the system, with an MCP server and typed schemas for introspection.

HN Discussion: The consensus was that EmDash improves the developer experience but may not address the actual frustrations driving people away from WordPress (hosting costs, performance, plugin bloat). The decision to omit a block editor entirely drew criticism: “Is the future really Astro + TinyMCE?” Several commenters noted they’d already moved to static markdown files and didn’t want a CMS layer at all.

History & Science

’Backrooms’ and the Rise of the Institutional Gothic

The MIT Press Reader published an essay tracing the cultural lineage of “The Backrooms” — the internet-born horror aesthetic of empty, liminal office spaces — from Gothic literature through video game culture to A24’s upcoming film. The original 4chan post (2019) described noclippping through reality into “six hundred million square miles of randomly segmented empty rooms.” The term “noclip” borrows from video games (falling through collision detection), combining the flimsiness-of-reality trope with digital logic. The essay argues this represents a new genre: the “Institutional Gothic,” where the monster isn’t supernatural but bureaucratic — the dread of Corporate America itself.

HN Discussion: Commenters connected the aesthetic to games like The Stanley Parable (which uses non-Euclidean space and liminal environments), and one flagged the “maze of twisty passages” reference as a nod to Colossal Cave Adventure. The comparison to IKEA’s famously disorienting store layouts was appreciated.

Artemis II Will Use Laser Beams to Live-Stream 4K Moon Footage

NASA’s Artemis II mission will employ optical laser communication to transmit 4K video from lunar orbit, a dramatic upgrade from the S-band radio system used during Apollo. The laser communication system achieves significantly higher bandwidth, enabling real-time high-definition footage of the Moon and the spacecraft’s journey — something that was technically impossible during the Apollo era.

HN Discussion: The comparison between Apollo’s grainy, delayed television transmissions and Artemis II’s planned 4K livestream drew reflections on how much the public experience of space exploration has changed. The technical challenge of maintaining a laser lock on a receiver from lunar distance was a topic of interest.

Rapid Snow Melt-Off in the American West Stuns Scientists

Snow surveys across the American west recorded historically low snowpack levels following an exceptionally warm winter and a searing March. California’s Sierra Nevada had just 4.9 inches of snow water equivalent — 18% of average — on April 1, the second-worst reading on record after 2015. The Colorado River headwaters, supplying 40 million people and 5.5 million acres of agriculture, measured just 24% of average. Colorado State climatologist Russ Schumacher said measurements are at levels typically seen in May or June. The melt-off is so far ahead of schedule that even incoming storms won’t reverse the trajectory.

HN Discussion: Commenters focused on the cascading implications for agriculture and municipal water supply across the western states, particularly the already-stressed Colorado River basin. The comparison to 2015 — previously the benchmark bad year — being comfortably beaten was cited as evidence of an accelerating trend rather than a one-off.

Academic & Research

Quadratic Micropass Type Inference

A new approach to type inference for the Lumina programming language that aims to produce better error messages. Traditional type inference unifies types inside-out based on source code order, which means error messages often reference types inferred from incorrect assumptions. This algorithm instead splits inference into nine ordered passes — known applications, known assignments, known return types, and so on — each handling a small slice of the unification work. Higher passes reflect what the developer is most likely to consider important, so when a type error occurs, the message aligns with the programmer’s mental model rather than the compiler’s traversal order.

HN Discussion: The approach was noted as an interesting alternative to the standard Hindley-Milner approach, particularly for its focus on error message quality. The nine-pass architecture and the idea of re-running earlier passes after each step was discussed as a potential tradeoff between inference quality and compilation speed.

Markov’s 1913 Paper on Mathematical Models of Speech

A historical paper by Andrey Markov, originally published in 1913, on the mathematical modelling of connected speech. The work introduced what we now call Markov chains — stochastic processes where the next state depends only on the current state. Markov analysed the sequence of vowels and consonants in Pushkin’s Eugene Onegin to demonstrate his model, a founding moment in mathematical linguistics and probability theory.

HN Discussion: The appearance of this paper was appreciated as a reminder that foundational ideas in computing often originated in very different contexts — in this case, 19th-century Russian literary analysis.

System Administration

ReactOS: The Open-Source Windows-Compatible Operating System (LWN)

LWN covered the ongoing development of ReactOS, the open-source operating system designed to be binary-compatible with Windows NT (NT5). The project aims to run Windows drivers and applications natively without requiring a Windows licence. Progress has been steady but slow, with the team working through the enormous surface area of the Windows ABI.

HN Discussion: The sole commenter confirmed the project’s goal is full NT5 compatibility, which prompted reflection on whether targeting a two-decade-old Windows version remains relevant. The sheer scale of the Windows API surface makes complete compatibility a daunting engineering challenge.

Geopolitics & War

Ask HN: A Question About War Journalism and Sympathy

An Ask HN post raised a question about the asymmetric treatment of war journalism across different conflicts, specifically why coverage of certain wars generates more sympathy and outrage than others. The post touched on the framing of casualties in Ukraine versus Gaza and the double standards perceived in how the international community and media respond to different theatres of conflict.

HN Discussion: The thread was predictably contentious. One commenter noted that Ukraine has lost 20% of its territory and continues to face daily bombardment of civilian targets, while all military-age Ukrainian men are effectively confined to the country. Another pointed to the killing of journalists in Gaza as a counterpoint to claims of asymmetric concern. The discussion remained heated and unresolved.

Pam Bondi Reportedly Discussed Ousting at Justice Department

Politico reported that Attorney General Pam Bondi was discussed in connection with potential changes at the Justice Department, amid ongoing tensions between the administration and federal law enforcement leadership. The story sits within a broader pattern of political pressure on DOJ independence.

HN Discussion: Comments were sparse on this Politico story, with most engagement focused on the institutional implications for DOJ independence rather than partisan framing.

Other

Inside Nepal’s Fake Rescue Racket

The Kathmandu Post published a detailed investigation into one of the world’s most sophisticated insurance fraud networks. The scam operates along the Himalayan trekking routes: guides convince tourists they’re dying of altitude sickness (in some cases, baking powder is mixed into food to induce illness), trigger a helicopter “rescue,” admit them to hospitals where doctors’ digital signatures are used without their knowledge, and submit inflated insurance claims. A single helicopter carrying multiple passengers generates separate full-price invoices for each passenger’s insurer — a $4,000 charter becomes $12,000 in claims. Hospitals pay 20-25% commissions to trekking companies and another 20-25% to helicopter operators for referrals. The fraud was first exposed in 2018, a government committee produced a 700-page report, but the racket has only grown since.

HN Discussion: The brazenness of the operation — tourists drinking beer in hospital cafeterias while supposedly receiving treatment, X-rays from other patients recycled as evidence — drew comparison to other insurance fraud ecosystems. The structural problem is that foreign insurers simply cannot verify events at 3,000 metres in a remote Himalayan valley.