May 25, 2026

Hacker News Evening Brief: 2026-05-25

Monday evening on Hacker News brought a papal encyclical on AI ethics, a formal proof that Jira is Turing-complete, Dutch authorities seizing 800 Russian-linked servers, and Apple’s new learned image codec that hallucinates textures at low bitrates. Here are 30 stories worth your time.

AI & Tech Policy

Magnifica Humanitas

Summary: Pope Leo XIV’s encyclical Magnifica Humanitas addresses safeguarding the human person in the age of artificial intelligence, framing technology as never neutral because it reflects the values of those who build, finance, and regulate it. The document warns that AI-driven decisions in hiring, lending, crime prediction, and welfare can create opaque black boxes that strip people of the right to explain their context or appeal algorithmic verdicts. It invokes the “Babel syndrome”—the idolatry of profit that sacrifices the weak and imposes homogenization over genuine communion and diversity—calling on builders to bear ethical and spiritual responsibility for every design choice.

HN Discussion: Commenters highlighted the encyclical’s insistence that every design choice reflects a vision of humanity, and several noted the document’s defense of human diversity as a pointed contrast to current anti-DEI political trends. One thread appreciated the numbered paragraph system for stable referencing in electronic texts.

Greg Brockman interview: Inside the 72 Hours That Almost Killed OpenAI

Summary: OpenAI co-founder Greg Brockman discusses the Napa offsite that produced OpenAI’s decade-long three-step technical plan, the real reasons for abandoning the pure nonprofit structure, and the 72 hours after Sam Altman was fired by the board. Topics include breakthrough moments at OpenAI, why ChatGPT no longer shows reasoning traces, whether AI progress is going parabolic, and perspectives on AI-related job displacement. Brockman, who was the first engineer at Stripe before co-founding OpenAI in 2015, quit the same day Altman was fired.

HN Discussion: One commenter expressed frustration that nobody asks what happened in Ilya Sutskever’s mind—firing Altman and then signing the solidarity letter to leave if Altman was removed. Another compared the interview to the era when computer magazines stopped publishing code and started covering only corporate lawsuits, calling it “techy reality TV.”

Security & Privacy

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

Summary: Dutch authorities arrested the co-owners of two related hosting companies and seized 800 servers, charging them with violating EU sanctions by providing infrastructure used by Russia for cyberattacks, influence operations, and disinformation campaigns. The investigation centers on Stark Industries Solutions, a sprawling hosting provider linked to Russian intelligence that was sanctioned by the EU in 2025, and its remaining Dutch upstream provider MIRhosting. KrebsOnSecurity had previously reported on how these hosting companies assumed control of Stark’s technical infrastructure after the original sanctions.

HN Discussion: A commenter who lives near MIRhosting’s office expressed shock at discovering the connection in their own neighborhood. Security professionals lamented how much engineering talent goes into criminal infrastructure by people who clearly have the skills for legitimate work. The company name “Stark Industries Solutions” drew inevitable Iron Man jokes.

2026 HIPAA Security Rule Update

Summary: The finalized 2026 HIPAA Security Rule mandates encryption of electronic protected health information at rest and in transit—removing the previous “addressable” designation—and requires multi-factor authentication across all systems accessing ePHI. Additional requirements include 72-hour incident reporting, annual penetration testing, and expanded business associate oversight, representing the most significant HIPAA security update since the original rule. OCR has already begun citing the new rule in resolution agreements.

HN Discussion: Security professionals noted that the “vulnerability scan” requirement will likely be as meaningless as SOC2’s equivalent, since running nmap can technically satisfy it. One commenter raised concerns that centralized cybersecurity requirements could enable government surveillance of health data through data fusion systems. The compliance burden was compared to PCI-DSS, with warnings about institutional moats growing wider.

Business & Industry

Launch HN: Chert (YC P26) – Twilio for iMessage

Summary: Chert offers an API platform for businesses to send and receive iMessages at scale, positioning itself as “Twilio for iMessage” with support for blue-bubble threads, tapbacks, typing indicators, and end-to-end encryption. The product targets go-to-market teams, claiming 10x reply rates versus cold email by reaching prospects via iMessage instead. The YC P26 startup provides a single API surface for deploying AI agents on iMessage while maintaining personalized interaction.

HN Discussion: Multiple commenters questioned how Chert connects to iMessage—whether through an Apple-sanctioned agreement or a Mac mini farm running tools like BlueBubbles that Apple could shut down at any time. Several pointed to Apple’s own Business Chat API as an existing first-party alternative. A strong sentiment emerged from users who want zero programmatic interfacing with iMessage, viewing business messages as unwanted spam.

IBM Spins Off the First Pure-Play Quantum Chip Foundry

Summary: IBM is spinning off a standalone quantum chip foundry backed by a $2B CHIPS Act investment, making its 300mm superconducting silicon fabrication capability available to other quantum hardware companies. The foundry model means quantum startups no longer each need their own research cleanrooms, sharing infrastructure instead—potentially accelerating the broader quantum ecosystem. The spin-off separates the speculative growth play from IBM’s legacy consulting and services business.

HN Discussion: Commenters debated whether the spin-off reflects IBM’s inability to commercialize speculative tech within its bureaucratic culture, drawing comparisons to the Watson overhype era. The shared-foundry model was praised as more efficient than nine separate research cleanrooms, though skeptics called it a taxpayer-funded bailout. Some noted the article’s silence on trapped-ion approaches, which offer advantages in stability and accuracy over superconducting qubits.

Uber’s COO says it’s getting harder to justify the money spent on AI

Summary: Uber COO Andrew MacDonald stated that the company is finding it increasingly difficult to justify the cost of AI token spending, suggesting diminishing returns on AI investment at scale. The comments reflect a broader industry trend of large tech companies scrutinizing their AI budgets as the cost of inference tokens mounts against measurable business outcomes. The article is behind Business Insider’s paywall, limiting accessible detail on MacDonald’s specific reasoning.

HN Discussion: Discussion was sparse, with one commenter noting they find AI useful enough to pay for personally if their employer cuts access. The broader thread implied interest in whether other large companies would echo Uber’s cost concerns about AI spending.

Tech Tools & Projects

C extensions, portability, and alternative compilers

Summary: An author building their own C compiler catalogues the non-standard extensions and preprocessor workarounds needed just to parse glibc headers like <stdio.h> on GNU/Linux. glibc’s sys/cdefs.h uses compiler-specific macro checks to conditionally enable or stub out GCC extensions; alternative compilers must either impersonate GCC or replicate these workarounds. The article also covers issues with SIMD intrinsics in game libraries like SDL and STB, MSVC-specific hacks, and the pervasive assumption that the world is GCC-or-clang-on-Linux.

HN Discussion: Several commenters shared their own indie C compiler experiences, noting that the fastest path to glibc compatibility is simply defining all GCC predefines and implementing GCC extensions. Windows and FreeBSD users lamented the “works on my machine” mentality of many C projects. A thread discussed whether glibc should use feature-based checks instead of whitelisting specific compiler names.

DeepSeek Reasonix, native coding agent with high caching and low cost

Summary: DeepSeek Reasonix is a terminal-based AI coding agent built specifically for DeepSeek models, designed to maximize prefix cache hit rates and minimize token costs during coding sessions. The project claims significantly lower cost than general-purpose agents by keeping the prompt prefix stable and leveraging DeepSeek’s aggressive caching infrastructure. The landing page is sparse on technical detail but positions the tool as an alternative to Codex and other agents when using DeepSeek V4.

HN Discussion: One commenter noted that you don’t need a DeepSeek-native agent to benefit from the cache—they built a bridge to use DeepSeek V4 Pro via Codex and saw similar cache hit rates. An experienced harness developer argued that agents like opencode deliberately break prefix cache because it gives better results overall. Multiple people criticized the landing page’s UX, including animated typing that constantly resizes content.

Show HN: Geomatic – a command-driven geometry studio with autodiff

Summary: Geomatic by Tiny Volt is a command-driven geometry studio that uses automatic differentiation, allowing users to construct and manipulate geometric objects through text commands with precise mathematical control. The tool supports extensions and is designed as an interactive web-based environment for exploring geometric constructions programmatically. The landing page is minimal, directing users to example pages for a better introduction.

HN Discussion: Users reported confusion with the onboarding flow—examples didn’t display visible geometry, and typing commands was blocked when examples were open. A specific bug was flagged where the “n-star” command returned an “unknown command” error despite being listed in the examples. One commenter praised the clean implementation but emphasized that good error handling is what separates weekend projects from production tools.

Notes about reading messages with the Python email packages

Summary: Chris Siebenmann shares practical notes on using Python’s standard library email packages to parse and read email messages, covering the quirks and gotchas of the email, email.policy, and email.message modules. The blog post is part of a series on terminal-based email workflows, reflecting the author’s preference for TUI email clients over graphical ones. The article’s hosting page itself blocks generic HTTP User-Agents—a side effect of anti-LLM-crawler measures Siebenmann implemented in early 2025.

HN Discussion: Discussion was minimal, with one commenter noting the absence of screenshots even for TUI tools and expressing curiosity about how the email clients visually look.

Mastering Dyalog APL

Summary: The de facto standard textbook for learning Dyalog APL has been reimagined as an interactive Jupyter Book, modernizing the aging first edition with runnable examples and updated content. The online version covers APL fundamentals from data and variables through nested arrays, operators, and tacit programming, organized into 14 chapters with appendices. The project is a work in progress, actively accepting GitHub issues for feedback and corrections.

HN Discussion: One commenter found it strange that the main APL implementation is enterprise-licensed rather than open source for something so niche, noting they eventually moved on after translating APL concepts to NumPy. The author of an alternative modern APL introduction (learnapl) shared their own resource as a more concise starting point. An Emacs user wrote a Dyalog APL evaluation mode using Claude to extract features from gnu-apl-mode.

you_can::turn_off_the_borrow_checker

Summary: The Rust crate you-can provides a #[turn_off_the_borrow_checker] attribute macro that does exactly what it says—educational and provocative code that disables borrow checking by expanding to raw pointer operations. The documentation explicitly warns that Rust references aren’t pointers, the compiler can decimate code treating them as such, and users who need raw pointer behavior should use Rust’s actual raw pointers instead. The crate is positioned as a counterexample collection for things “you can’t just do” in Rust.

HN Discussion: Commenters compared it to Crust (a C-like subset of Rust) and recalled similar boundary-pushing in C++ like “several ways to access private members.” One developer shared their practical workaround for needing multiple mutable references: boxing values and using Box::into_raw in single-threaded applications. Others hoped the crate would grow into a broader collection of “things you shouldn’t do but technically can” in Rust.

Web & Infrastructure

Microsoft pulls plug on plans for 244-acre data center in Caledonia

Summary: Microsoft abandoned plans for a 244-acre data center in Caledonia, Wisconsin, following significant community opposition. The proposed site is near where the Foxconn facility was once promised (the “eighth wonder of the world” that largely failed to materialize), leaving local residents deeply skeptical of large development promises. The cancellation raises questions about the scale of modern data centers and the land-use planning process that favors large firms capable of acquiring and holding land during discretionary approval.

HN Discussion: Commenters drew direct parallels to the Foxconn debacle in the same region, noting that broken promises have made communities wary of big tech development proposals. A discussion emerged about how the land-use process inherently favors large firms that can self-finance land acquisition during uncertain approval periods. Several users noted difficulty finding basic information about how large data centers actually are.

Search engine alternatives now that Google isn’t Google anymore

Summary: TechCrunch surveys six alternative search engines in response to Google’s I/O 2026 announcement that it’s overhauling Search into a conversational, AI-driven experience with AI agents that proactively notify users about topics. Google called it “the biggest upgrade to our iconic search box since its debut over 25 years ago,” signaling a fundamental shift away from the traditional blue-links results page. The article positions the change as the latest reason users are exploring alternatives that still offer traditional search paradigms.

HN Discussion: Kagi users enthusiastically recommended the paid search engine for delivering relevant results without AI intrusions, with one saying they couldn’t go back after their subscription lapsed. The creator of Searx announced a new self-hosted search tool called Hister that indexes all visited browser pages for full-text local search. A contrarian commenter admitted preferring AI Overviews, arguing that modern websites with ads and popups are worse to navigate than an AI summary.

History & Science

Didgeridoo playing as alternative treatment for obstructive sleep apnoea (2006)

Summary: A 2006 BMJ randomised controlled trial found that regular didgeridoo playing significantly reduced obstructive sleep apnoea severity and improved sleep quality in participants. The mechanism is likely strengthened upper airway muscles from the continuous circular breathing and sustained vibration required to play the instrument. Participants practiced about 25 minutes per day, five days a week, for four months, showing measurable improvement in apnoea-hypopnoea index scores.

HN Discussion: Multiple commenters shared personal success stories, with one reporting their sleep apnea was cured after taking up didgeridoo 10 years ago. Others noted that simpler exercises—like blowing bubbles through a straw into water—produced similar airway-strengthening effects. Practical advice included practicing circular breathing in the shower using water, though one commenter dryly noted didgeridoo playing is just as disruptive to a partner’s sleep as snoring.

Gnutella: A Protocol Outliving the World That Created It

Summary: Rick Carlino’s deep-dive recounts Gnutella’s origin as an internal AOL demo that leaked to the public, its explosion as the backbone of LimeWire-era file sharing, and its surprising long-tail survival long after its heyday. The article frames Gnutella as decentralized infrastructure that users adopted because it solved real problems—downloading MP3s—not out of ideology or token speculation. Carlino traces the protocol’s plateau and decline, noting how walled-garden platforms eroded the cultural memory of file systems and peer-to-peer computing.

HN Discussion: The creator of Gnucleus (a Gnutella client) and co-designer of GWebCache appeared in the thread, reflecting on how the architecture’s privacy liabilities and bandwidth costs ultimately couldn’t compete with BitTorrent’s efficiency. Others recalled Gnutella’s query-speed and scaling problems at millions of users, contrasted with BitTorrent’s redundant-copy model that scaled better.

The physicists who convinced Fermilab to send Brazil’s emails

Summary: Ryan Farley recounts how Brazilian physicists in the 1980s and 90s convinced Fermilab to route Brazil’s international email traffic through the US research network, working around a government that wanted to control cross-border information flow. The story spans from ARPANET’s first demo in São Paulo in 1975 through the era of FidoNet gateways and academic negotiations, against the backdrop of Brazil’s military dictatorship. The Fermilab connection ended up being neither the first nor the fastest international link—but it was the one that lasted, sustained by the research community’s determination.

HN Discussion: Commenters filled in context about Brazil’s dictatorship at the time and the Portuguese cultural roots of “English time” as a concept linked to noble versus servant mentalities. The FidoNet reference triggered nostalgia, with one commenter remarking how much the world has changed. One reader criticized the article’s writing quality despite finding the subject matter interesting.

Childhood Computing

Summary: Susam Pal recalls his childhood computing journey starting in 1992 at age eight, in a tiny Indian industrial town where the school computer lab held hand-me-down IBM PCs from a local silica factory. The ritual of removing shoes, booting MS-DOS from 5¼-inch floppies, and loading LOGO.COM to draw turtle graphics in a few hundred kilobytes of RAM formed his first encounters with programming. The piece traces his path from Logo to BASIC to discovering GNU/Linux, painting a portrait of how limited access to computing resources can still spark a lifelong passion.

HN Discussion: Commenters shared parallel origin stories: a C64 in 1985 with the smell of warming circuit boards, a misconfigured cassette tape head, and the mystery of why programs wouldn’t run. Others recalled the “view source” era of Geocities HTML and the instant feedback loop of save-alt-tab-refresh that hooked them. A recurring theme was the importance of that first conceptual breakthrough—once the fundamentals click, rapid progress follows regardless of age.

Academic & Research

Bytecode VMs in surprising places

Summary: Patrick Dubroy catalogs bytecode virtual machines embedded in unexpected systems: SQLite’s SQL execution engine, eBPF inside the Linux kernel (a register-based VM with 10 general-purpose registers and 100+ opcodes), and PostgreSQL’s JIT compilation. The post traces eBPF’s lineage to a 1993 USENIX paper on kernel packet filtering and notes Richard Hipp’s explanation of why SQLite chose bytecode for query execution. Other examples include Oracle’s JVM, QEMU’s Tiny Code Generator, and various domain-specific interpreters hiding inside familiar software.

HN Discussion: Commenters expanded the list significantly: Quake 1’s QuakeC VM, Quake 3’s C-to-bytecode compiler via LCC, SBus Forth PROMs, ACPI’s AML, Bitcoin’s Script, and TrueType font hinting. A security researcher warned that every embedded Turing-complete bytecode VM and JIT creates additional attack surface. The thread became a collaborative catalog of surprising VMs across gaming, hardware initialization, typography, and blockchain.

Jira Is Turing-Complete

Summary: Nicolas Seriot provides a formal proof that Jira’s automation rules are Turing-complete by implementing a Minsky register machine. Register counts map to linked issue counts (Bugs and Tasks), the program counter is an Epic’s status, and the dispatch table is Jira Automation rules. The proof includes setup instructions and an execution trace for a program that adds register A into register B using increment and decrement instructions with conditional jumps, establishing that engineering folklore about Jira’s computational power is formally correct.

HN Discussion: Commenters suggested that if Jira is Turing-complete, programmers should automate their Jira workflows via the API, turning the tool from a burden into a competitive advantage. Several users compared Jira unfavorably to Azure Boards, with one stating “there is no software Microsoft can’t make worse.” Returning users described shock at Jira’s evolution, citing UX papercuts like double-click accidentally triggering editor modes.

Constraint Decay: The Fragility of LLM Agents in Backend Code Generation

Summary: A paper from researchers at three universities introduces “constraint decay”—the phenomenon where LLM coding agents that perform well under loose specifications degrade significantly when forced to follow strict structural constraints like architectural patterns, ORM mappings, and database schemas. The authors argue that existing benchmarks reward functionally correct but structurally arbitrary solutions, masking this fragility in production-grade backend development. The finding implies LLM agents are reliable for rapid prototyping but unreliable when adherence to explicit architectural rules is required.

HN Discussion: A developer confirmed the finding from practice: in complex projects, they must add increasing constraints in prompts, and even then agents drift from the specified architecture over time. One commenter argued the situation is worse than the paper suggests—when structural constraints themselves need to change during evolution, agents struggle even more with the adaptation.

Perceptual Image Codec: What Matters in Practical Learned Image Compression

Summary: Apple introduces PICO (Perceptual Image Codec), the first learned image codec optimized directly for human visual perception, claiming 2.3-3x bitrate savings over AV1, AV2, VVC, ECM, and JPEG-AI. On iPhone 17 Pro Max, PICO encodes 12MP images in 230ms and decodes in 150ms—faster than most ML-based codecs on a V100 GPU—with cross-platform robustness guarantees. The system was derived by searching over millions of model configurations to jointly optimize perceptual quality and on-device runtime, validated through large-scale subjective user studies.

HN Discussion: Critics flagged that PICO produces an “unnatural/hallucinated” look at extreme compression, essentially generating plausible new textures rather than preserving original detail—knitting patterns became fuzzy strips. One commenter drew parallels to the Xerox/JBIG2 scanner scandal where similar-looking numbers were substituted. Curiosity emerged about whether Apple plans to make PICO a default image format on its devices.

Other

Leave Me Behind

Summary: An Android developer reflects on a decade of craft, from their “lightbulb moment” building a todo list app in 2014 to working on the dating app where they met their spouse, pushing back against the pressure to adopt AI tools. The author argues that the deep understanding and personal fulfillment gained from hands-on programming is being devalued by the “learn AI or be left behind” narrative. The piece is a personal essay about the joy of building tangible software and the human connections formed through shared craft.

HN Discussion: A senior PHP developer transferred to a Rails project described how AI-assisted coding makes it nearly impossible to actually learn a codebase, since you only ever see small snippets at a time. Several commenters shared experiences of programming in isolation, noting that AI tools are the first time they’ve had any kind of programming “companion” to discuss code with. One thread argued that proprietary AI is fundamentally different from open tools like gcc or git, because each use enriches a single corporation.

He Lost It at the Movies

Summary: Leo Robson’s essay profiles film critic A.S. Hamrah, who gained attention in the late 2000s for a punchy, compressed capsule-review style that began as phone-call musings shared with n+1 editor Keith Gessen. The piece traces Hamrah’s evolution from Oscar preview columns to a broader critical project, exploring how his brand-analyst day job informed his irreverent approach to film criticism. Robson situates Hamrah’s work within the tradition of Cahiers du cinéma and Halliwell’s Film Guide while highlighting what made his voice distinct in the online era.

HN Discussion: No top comments were available for this story, suggesting a quieter discussion thread.

I manage teams without a single call

Summary: The author argues that synchronous calls—even short 10-minute ones—destroy deep focus for hours, and that all team management can be done effectively through structured text communication. The piece draws a historical analogy to pre-telegraph military generals who had to communicate complex strategies through written orders to officers thousands of miles away, forcing clarity. The core claim is that text forces you to think before communicating, while calls let people improvise, ramble, and avoid structuring their thoughts.

HN Discussion: Pushback focused on the human side—people need empathy, relationships, and the reassurance of a manager’s voice saying “I trust you,” which text cannot replicate. Others argued text introduces its own latency: misunderstandings require back-and-forth clarification that a synchronous call resolves in minutes. Several commenters questioned whether having your “entire day sidelined by a 10-minute call” is normal.

AI errno(2) values

Summary: Jan Schauma’s humorous blog post extends the standard C errno system with AI-specific error codes, including EAI (hallucination), EDUNK (unjustified confidence), EGROK (nazi-mode detected), EGAD (lost context), and ELLMAO (too gullible). Each error code comes with a deadpan comment, satirizing common AI failure modes—hallucination, excessive agreement, self-revocation of access, megalomania exhaustion, and perpetual thinking loops. The list runs to dozens of entries covering the full spectrum of AI frustrations.

HN Discussion: A pedantic commenter corrected errno(2) to errno(3), since errno is a userland libc concept, not a kernel syscall. Others contributed their own additions like ETERNITY 999 for stuck-in-thinking-loop. One reader noted wistfully: “If only AI threw an error when it hallucinates.”

The Cost of Safetyism

Summary: Steve Magness documents the dramatic decline in children’s independent mobility: 84% of 11-year-olds aren’t allowed to leave their street, 53% can’t leave their front yard, compared to the 1970s when unaccompanied school travel was the norm. He argues this isn’t driven by actual danger rates—which have declined—but by parental anxiety, social pressure, and the normalization of hypervigilance as responsible parenting. The piece frames the restriction of childhood exploration as a cultural loss that undermines resilience, spatial awareness, and self-reliance.

HN Discussion: Parents shared the practical dilemma: they want to grant freedom but face real obstacles like dangerous traffic intersections, not stranger-danger fears. One commenter drew a parallel to declining fertility rates, noting that parents with one child hover differently than those with four. A notable counterargument suggested that the restrictions themselves may be the reason it’s now safer—like fire codes that prevent the fires they were designed to address.

I spent 50 hours drawing a line graph

Summary: Doug MacDowell documented his 50-hour process of hand-drawing a statistically accurate line graph about a coffee maker using rulers, pencils, ink, and a lettering kit—something software could accomplish in 20 minutes. The project catalogs resources and methods for hand-drawn data visualization, drawing on traditions of technical draftsmanship and Tufte’s information design principles. MacDowell describes the work as exploring what happens when you prioritize craft and process over speed, producing a visualization described as “right out of a 1970’s college textbook.”

HN Discussion: A furniture maker shared practical drafting tips: using 6H-9H pencil leads for layout lines that erase cleanly, and lead holders over wooden pencils for consistent fine points. Another commenter rated the technique like a gymnastics judge—“attempting the bevel with extra-wide lines” but docking points for corner alignment—giving it 7/10. Several readers appreciated the links to data visualization books beyond Tufte.

I love my Bluetooth keyboard

Summary: The author describes discovering the utility of a Bluetooth keyboard paired with a phone during a 10-day trip to China without a laptop, finding it superior for texting and distraction-free writing. The phone-plus-keyboard setup approximates a typewriter’s focused writing environment: the screen is too far to touch, reducing the temptation to switch apps, while entertainment is less appealing on a small screen. The piece makes a case for lightweight travel computing with no laptop needed.

HN Discussion: Commenters recommended specific foldable and pocket-sized keyboards: the discontinued Plugable folding keyboard, the ProtoArc XK01 with trackpad, and compact models sold under “Doohoeek” and “CACOE” brands. One user envisioned a future where phones replace work laptops entirely, waiting for easy Docker container support and better Samsung desktop mode. The discussion became a practical gear-review thread for travel keyboard setups.