HN Morning Brief — 3 April 2026
A packed morning on Hacker News. Google dropped Gemma 4 with a 27B parameter model that punches well above its weight. A supply-chain compromise hit the Axios npm package. LinkedIn turned out to be quietly fingerprinting your browser extensions. And OpenAI acquired TBPN, an AI-focused media outfit, prompting a mix of bafflement and cynical nodding. Elsewhere: a C compiler written in pure shell script, significant progress on Xbox 360 recompilation, Sweden abandons laptops in schools, and Nepal’s fake mountain-rescue industry gets an exposé.
AI & Tech Policy
Google Releases Gemma 4 Open Models
Summary: Google DeepMind released Gemma 4, a new family of open-weight language models spanning 2B, 4B, 12B, and 27B parameters. The 27B variant reportedly competes with much larger proprietary models on benchmarks, while the smaller sizes are designed for on-device and edge deployment. All variants support a 256k context window and include improved multilingual coverage. The models are available through Google’s AI Studio and can be downloaded for local inference via tools like Unsloth and llama.cpp.
HN Discussion: The Unsloth founder (danielhanchen) showed up in the thread, praising the small models as “shockingly good” and confirming rapid support for Gemma 4 fine-tuning. Several commenters discussed practical deployment — one described running Qwen3-VL-8B for OCR and document translation in a Drupal pipeline, while others debated whether Gemma 4’s smaller sizes are competitive with Qwen and Phi alternatives. There was notable frustration that the model’s listing in Unsloth Studio still showed older Gemma 3 entries at time of launch.
Qwen3.6-Plus: Towards Real-World Agents
Summary: Alibaba’s Qwen team released Qwen3.6-Plus, a closed-weight model positioned as a step toward practical AI agents. The model benchmarks competitively against Claude Opus 4.5 on coding and reasoning tasks and introduces improved tool-use capabilities. Unlike earlier Qwen releases that shipped open weights, Qwen3.6-Plus is only available via API — continuing a trend where the strongest Chinese model releases are increasingly proprietary.
HN Discussion: Commenters immediately flagged that the blog’s benchmarks compare against Claude Opus 4.5 rather than the current Opus 4.6, calling this misleading. Several people noted that Qwen has always maintained closed-source variants alongside open ones (Qwen3.5-Plus, Qwen3-Max), so this isn’t a strategic shift — though the gap between open and closed Qwen models appears to be widening. One commenter argued the real business case for open weights is “salting the earth for new competitors.”
Cursor 3
Summary: Cursor shipped version 3 of its AI-powered code editor, emphasizing tighter agent integration and a reworked tab-completion system. The release focuses on letting the editor autonomously handle multi-file edits, run terminal commands, and verify its own changes — blurring the line between IDE and coding agent. Cursor positions itself as the app-based alternative to CLI-first tools like Claude Code and OpenAI Codex.
HN Discussion: The thread turned into a broader debate about the trajectory of AI coding tools. Some users reported drifting away from Cursor toward Codex’s GUI or Claude Code’s CLI workflow, finding the agent mode more useful than tab completion for complex tasks. Others argued the reverse — that for eBPF development and performance-critical code, staying hands-on with tab suggestions beats surrendering control to an agent. One commenter noted that Cursor’s biggest advantage is model independence compared to vendor-locked alternatives.
Lemonade by AMD: A Fast, Open-Source Local LLM Server
Summary: AMD released Lemonade, an open-source local LLM inference server optimized for AMD GPUs and NPUs. Built on top of llama.cpp, it supports text generation, vision models, embeddings via whisper.cpp, image creation, and TTS — all from a single server. It’s specifically tuned for AMD hardware including the Ryzen AI Strix Halo NPU (amdxdna2), addressing the gap left by Nvidia-focused inference tooling.
HN Discussion: Users compared Lemonade against Ollama, noting that both ultimately rely on llama.cpp under the hood but Lemonade adds AMD-specific builds and NPU support. ROCm versus Vulkan performance was a live debate — one commenter with a Strix Halo reported the two are usually within 10% of each other depending on the model, while another argued Vulkan is currently more stable and predictable than ROCm on 7.x-series GPUs.
OpenAI Acquires TBPN
Summary: OpenAI announced the acquisition of TBPN, an AI-focused media network best described as a kind of ESPN-meets-TechCrunch for the AI industry. TBPN has built a following primarily on X (Twitter) through fast-paced AI news coverage and commentary. OpenAI says it will keep TBPN operating independently while supporting its growth.
HN Discussion: The thread was largely baffled. Many commenters admitted they’d never heard of TBPN; others described it as having “ESPN vibes” or being like “a new TechCrunch.” The most cutting take was that OpenAI was losing attention to Anthropic’s Claude Code momentum and buying it back: “It got your attention, which is what they’re after.” Someone noted that TBPN’s traction is almost entirely on X, where “most leaders in the AI space all post.” The top-voted comment? A simple “What.”
Security & Privacy
LinkedIn Is Searching Your Browser Extensions
Summary: Research published on Browsergate.eu reveals that LinkedIn’s website actively probes visitors’ browsers to detect which extensions are installed. The technique works by loading extension-specific web-accessible resources — CSS files, images, or JavaScript that extensions expose to pages — and checking whether they load successfully. This creates a fingerprint of the user’s extension ecosystem without requiring any explicit permission. The researchers note that some of the extensions LinkedIn checks for relate to religious groups and medical conditions, raising potential legal concerns under employment law.
HN Discussion: Commenters pointed out this technique has been known and used for at least five years, with LinkedIn specifically coming up on HN repeatedly. Several people noted that the detection only works for extensions with web-accessible resources declared in their manifests, and that Chrome’s newer “extension side panel” mode offers an undetectable alternative. One commenter shared that they’re building a tool (amibeingpwned.com) to scan extensions for vulnerabilities, and found “utterly outrageous” tracking and affiliate fraud in popular extensions. There was debate about whether this violates GDPR or US federal employment law given the sensitive nature of some detected extensions.
Post Mortem: Axios NPM Supply Chain Compromise
Summary: A detailed post-mortem on GitHub documents how the widely-used Axios HTTP library was compromised in a supply-chain attack. An attacker gained access to a maintainer’s machine, stole TOTP-based 2FA credentials, and published a malicious version of the axios npm package. The compromised code was written in Chinese and Farsi, suggesting state-sponsored origins. The attacker then deleted community-reported issues using the compromised account to delay discovery.
HN Discussion: The thread focused heavily on 2FA failures — since the maintainer’s machine itself was compromised, TOTP secrets stored on it were accessible to the attacker. Commenters debated hardware security keys (YubiKey/SecurID) versus software TOTP, with one arguing that “lack of end-user programmability is a feature, not a bug” for security tokens. The geopolitical angle drew discussion about how the Chinese and Farsi comments in the malware might be misdirection, with one commenter noting that any competent intelligence agency would write their malware in another country’s language. Others discussed practical safeguards like npm provenance signing and locked publish scripts.
Business & Industry
Decisions That Eroded Trust in Azure
Summary: A detailed essay argues that a series of architectural and organizational decisions within Microsoft Azure have systematically eroded customer trust — vaporizing roughly a trillion dollars in perceived reliability value. The piece catalogs specific incidents involving manual access to supposedly secure systems, unstable internal tooling, and security practices that fall short of what customers expect from a hyperscale cloud provider. The author draws on insider experience to trace how these issues compound across Azure’s sprawling service portfolio.
HN Discussion: A former GCP engineer offered a detailed comparison, describing Google’s “break glass” elevated-access system as significantly more restrictive than what the Azure article describes — with human reviewers rejecting vague requests and post-session audits. But they also criticized GCP’s bureaucracy, noting that “a tiny feature that took a day to code could take months to release.” The article’s author (axelriet) got caught in an ironic meta-discussion when their submission text, auto-posted as the first comment, was downvoted by users who assumed it was an AI-generated summary. Several commenters drew parallels to AWS’s approach, generally rating it as more mature but with its own trust gaps.
Free Stuff Makes Us Irrational
Summary: The Hustle examines the behavioral economics behind why “free” offers distort decision-making. Drawing on Dan Ariely’s research and real-world examples, the piece explains how zero-price triggers a different cognitive pathway than even trivially small costs — people overvalue free items relative to their actual utility and make choices they wouldn’t make at a one-cent price point. This has implications for how tech companies price freemium products and ad-supported services.
HN Discussion: The thread became a deeper exploration of ad-supported economics. One commenter argued that ad-supported services effectively “zero out the price of anything that costs less to provide than the amount of ad revenue it generates,” uncoupling price from user value. Another pointed out the externality problem: ad-funded platforms create “large negative externalities” that users don’t see, so they may not realize the net value is negative. Someone quipped that “none of the big tech companies know what their services actually cost per user” to any meaningful precision.
Good Ideas Do Not Need Lots of Lies
Summary: A 2004 essay by Daniel Davies that resurfaced on HN argues that the amount of bullshit surrounding a proposal is inversely correlated with its actual merit. When someone needs a thick layer of misleading statistics, euphemisms, and hand-waving to sell an idea, that’s informative — genuinely good ideas tend to be explainable in plain terms. Davies uses examples from finance and policy to show how “the degree to which you have to deceive people is a measure of the project’s actual worth.”
HN Discussion: Commenters immediately applied the framework to AI hype, with one arguing that modern LLM marketing follows exactly this pattern — heavy on transformational promises, light on concrete mechanisms. Others pushed back on the essay’s simplicity, noting that even genuinely good ideas sometimes need persuasive framing because decision-makers aren’t rational. A side discussion emerged about statistical modeling and authoritarianism, with someone pointing out that Nazi Germany used IBM-contracted statistical modeling to quantify Jewish populations — suggesting the tools of “good” analysis aren’t neutral.
Tech Tools & Projects
c89cc.sh: A Standalone C89 Compiler in Pure Portable Shell
Summary: Alexandre Gomes Gaigalas published c89cc.sh, a complete C89 parser and compiler targeting x86-64 ELF64, written entirely in portable POSIX shell. The script uses no external commands — it sets PATH='' to enforce this. It works across bash, dash, ksh, and zsh, and includes a built-in mini-libc. Usage is straightforward: pipe C source code in, get an executable binary out.
HN Discussion: Commenters were both impressed and suspicious. Several noted that large parts of the code appear to be auto-generated (likely from a state machine generator), which one person said “makes it hard to understand how the parser/AST builder works.” Someone else pointed out this also makes it “much easier to backdoor.” A practical-minded commenter asked why the author avoided even standard POSIX external tools to replace the big switch statements, to which the response was that the constraint is the point — zero dependencies, zero PATH.
Show HN: Home Maker — Automate Your Dev Environment with a Makefile
Summary: Santhosh Thottingal’s “Home Maker” project uses a plain Makefile to declaratively manage a development workstation. Instead of reaching for configuration management tools like Ansible or Nix, it leverages GNU Make’s dependency resolution to install packages, configure dotfiles, and set up services. The approach is deliberately minimalist — Make is already available everywhere, and the syntax is familiar to most developers.
HN Discussion: The thread split between Nix advocates and pragmatists. One commenter pointed directly to home-manager as the “proper” solution for declarative environment management, while another admitted they’d stopped managing dotfiles manually and just tell Codex to install things, using it as “a universal package manager.” Someone suggested mise (formerly rtx) as a middle ground, with another endorsing it enthusiastically: “I cannot endorse mise more highly. I commit it to my repos to make sure every engineer has the same environment.” The recurring joke was adding an LLM to your Makefile as a build rule.
Significant Progress Made on Xbox 360 Recompilation
Summary: An interview documenting major progress in Xbox 360 game recompilation — a technique that translates Xbox 360 PowerPC binaries into native x86-64 code via an intermediate C++ representation. Unlike emulation, which interprets foreign instructions in real-time, recompilation produces a standalone native binary. The approach uses C++ as an intermediate representation, mapping original CPU registers to host variables and translating machine code instruction-by-instruction.
HN Discussion: A detailed technical exchange clarified the distinction between recompilation and decompilation. Recompilation treats C++ as an IR between the original assembly and the host platform, keeping the hardware state represented as variables — making it “much more copyright-friendly” since only patches need distribution, and the end user translates their own legally-owned binary. Decompilation, by contrast, produces something resembling the original source code, which is a derivative work. Someone noted this approach mirrors the N64Recomp project and speculated about applying LLMs to the decompilation path.
Show HN: Made a Little Artemis II Tracker
Summary: A clean single-page dashboard that tracks NASA’s Artemis II mission — the crewed lunar flyby scheduled for the near future. The site displays mission countdown, crew information, and trajectory data in a lightweight interface. It’s a hobby project built to make following the mission’s progress straightforward without wading through NASA’s denser official portals.
HN Discussion: Discussion was light, with commenters appreciating the simplicity and noting it fills a genuine gap — NASA’s own mission pages are surprisingly hard to navigate for quick status checks.
JSON Canvas Spec (2024)
Summary: The open specification for JSON Canvas, a file format designed to represent infinitely extensible, structured visual spaces — think infinite canvases, whiteboards, and spatial note-taking tools. Originally created for Obsidian, the spec defines how nodes, edges, groups, and their spatial relationships are serialized as readable JSON. The format is deliberately simple and portable, designed to work across any tool that wants to interoperate with canvas-based data.
HN Discussion: One commenter noted it seems more flexible than Mermaid for certain diagram use cases. Discussion also touched on UX limitations of the reference implementation — zoom and scroll behavior broke in expected ways on Firefox, with the browser’s native zoom competing with the canvas’s own transforms. The Obsidian creator (kepano) participated, responding to UI feedback.
Memo: A Language That Remembers Only the Last 12 Lines of Code
Summary: Memo is an esoteric programming language where the interpreter can only “see” the last 12 lines of source code at any given time. Older lines vanish from context, meaning the program must be structured so that any given operation only depends on what’s immediately above it. It’s part of Daniel Temkin’s ongoing work in esolanging — designing languages that impose deliberately absurd constraints to explore how we think about code structure.
HN Discussion: Commenters compared Memo’s memory constraint to working with limited context windows in early LLMs, drawing an intentional parallel. Others placed it alongside esolangs like Brainfuck and Befunge in the tradition of languages designed to make programming intentionally painful. The consensus was that it’s art, not a tool — and better understood that way.
I Built an SMS Gateway with a $20 Android Phone
Summary: Jonno documented building a functional SMS gateway by dedicating a cheap Android phone to the task. The setup uses the phone’s cellular connection and SMS capabilities, exposed via a local API that other services can call to send and receive messages. It’s a self-hosted alternative to Twilio or other paid SMS APIs, particularly useful for low-volume personal projects or development environments.
HN Discussion: The first warning was about carrier terms of service — “unlimited” texting plans are for personal use only, and carriers will suspend accounts (and potentially blacklist IMEIs) if they detect automated messaging. One commenter noted this makes it fine for development but you’d want a Twilio integration ready for production. Another suggested skipping the phone entirely by using carrier-provided email-to-SMS gateways. Someone admitted feeling “a bit sorry for the phone” now that its “whole life” is relaying text messages.
Maze Algorithms
Summary: A comprehensive reference page (dating to 1997) documenting algorithms for generating and solving mazes. It covers recursive backtracking, Prim’s algorithm, Kruskal’s algorithm, Eller’s algorithm, and many others, with clear explanations of each method’s characteristics — bias, memory requirements, and the visual texture of the mazes they produce. The page has been maintained as a go-to resource for anyone implementing maze generation.
HN Discussion: Commenters reminisced about discovering this page in the late 90s or early 2000s as a key reference for game development and programming contests. Several noted it’s one of the oldest continuously-maintained technical pages still useful in its original form.
Magic the Gathering Deck Shuffler
Summary: A web-based tool for shuffling Magic: The Gathering decks with cryptographically sound randomness. Built by Jessitron (Jessica Kerr), it provides a visual shuffle animation and lets users draw opening hands, simulating the physical experience of shuffling cards. The tool is designed for casual play testing and deck experimentation.
HN Discussion: Discussion was sparse but touched on the perennial question of what constitutes a “good” shuffle for MTG — mana weaving versus true randomization, and the cognitive bias of feeling that purely random shuffles produce “unfair” hands.
Tailscale’s New macOS Home
Summary: Tailscale wrote about redesigning its macOS menu bar presence to deal with the notch on modern MacBook Pro displays. With Apple’s notch consuming significant horizontal space, menu bar applets get pushed into and behind the notch area. Tailscale re-engineered its icon and menu to be more compact and resilient to the limited real estate, while also discussing the broader macOS problem of having no official overflow mechanism for menu bar items.
HN Discussion: The thread became a venting session about Apple’s menu bar design. Commenters pointed out that this has been a problem for “2+ decades” — the menu bar has never had an overflow mechanism like the Windows system tray. The notch made it dramatically worse, especially on 14-inch displays where “maybe three third-party applets” fit alongside built-in icons before disappearing. Several people said Apple should have bought Bartender (the third-party menu bar manager) and integrated it years ago. One user reported switching to a notch-hiding resolution entirely because corporate-mandated apps consumed too much space.
History & Science
Vector Meson Dominance
Summary: John Carlos Baez explains “vector meson dominance,” a concept from particle physics dating to around 1960. The key insight: photons are slightly “contaminated” by neutral rho mesons. Because a photon can momentarily split into a quark-antiquark pair, and the neutral rho meson is the lightest particle sharing the same quantum numbers as the photon, real-world photons are technically a superposition of bare photons and rho mesons. This has measurable effects — when high-energy photons interact with protons, they behave partly as rho mesons, producing deviations from purely electromagnetic predictions. Frazer and Fulco used this to correctly predict the neutral rho’s existence and mass from pion collision data in 1959.
HN Discussion: Being a Baez post, the discussion was notably more technical than most HN threads. Commenters discussed the relationship between the vector nonet and pseudoscalar nonet of mesons, and some dug into the historical context of Sakurai’s 1960 argument that rho mesons form an SU(2) gauge field.
George Goble Has Died
Summary: George Goble, an electrical engineer at Purdue who became internet-famous in the 1990s for using liquid oxygen to light barbecue grills in spectacularly dangerous fashion, has died. His “GH Guru” technique — dripping liquid oxygen onto charcoal — produced a several-foot fireball and earned him both an Ig Nobel Prize and a spot on a famous David Letterman segment. He was also a serious engineer who contributed to Purdue’s electrical engineering department.
HN Discussion: Commenters shared the Letterman clip and reminisced about the early internet era when Goble’s BBQ experiments were passed around as must-see web content. Several noted with dark humor that there’s something grim about the liquid-oxygen BBQ guy dying, before clarifying his death was unrelated to his experiments. The Ig Nobel connection was highlighted as one of the rare cases where the award honored genuinely interesting physics alongside the comedy.
A Few Good Magazines From the 70s and 80s
Summary: A nostalgic photo-gallery page showcasing magazine covers and interior layouts from computing and electronics magazines of the 1970s and 1980s — the era of Byte, Popular Electronics, Kilobaud, and 73 Magazine. The pages capture a time when computer hobbyism was genuinely new, ads sold discrete components and kit computers, and editorial layouts were dense with schematics and type-in program listings.
HN Discussion: Commenters reminisced about specific magazines — Byte’s deep technical articles, 73 Magazine’s ham radio culture, and Dr. Dobb’s Journal as essential reading. Several noted that the density of information in these old magazines puts modern web publications to shame, though others pointed out the survivorship bias in remembering only the good ones.
Tor Alva: The Tallest 3D-Printed Building in the World
Summary: Communications of the ACM covers Tor Alva (“White Tower”), a 30-meter-tall building in Switzerland constructed primarily through 3D printing using a specialized concrete extrusion process. The project demonstrates how additive manufacturing can produce complex architectural forms that would be impractical with traditional construction methods. The building’s organic, columns-and-arches design was directly enabled by the flexibility of 3D-printed concrete layers.
HN Discussion: Commenters debated the scalability of 3D-printed construction, with skeptics questioning whether the technique works for anything beyond showcase projects and enthusiasts pointing to the rapid improvement in print speed and material strength. Several drew comparisons to ICON’s 3D-printed housing projects in the US.
Artemis II’s Toilet Is a Moon Mission Milestone
Summary: Scientific American reports that NASA’s Artemis II mission — the first crewed lunar flyby since Apollo — will feature a significantly redesigned space toilet. Unlike Apollo’s infamous “fecal collection bags,” the new system uses a suction-based design adapted from the International Space Station’s toilet, modified for the Orion capsule’s smaller volume and the vibration environment of launch. The article frames waste management as one of the genuinely hard engineering problems in long-duration spaceflight.
HN Discussion: Commenters with aerospace backgrounds noted that waste management is consistently underestimated in mission planning and has been a practical bottleneck in crew comfort and health since the Gemini program. Several compared the Orion toilet to the ISS’s $23 million toilet replacement and discussed the surprisingly complex fluid-dynamics challenges of suction-based systems in microgravity.
Artemis Computer Running Two Instances of MS Outlook
Summary: A Bluesky post that went viral shows the Orion spacecraft’s computer display running two instances of Microsoft Outlook, apparently as part of the Artemis mission systems. The image captured the incongruity of NASA’s deep-space spacecraft running the same email client used in corporate offices worldwide.
HN Discussion: The thread treated this as equal parts amusing and emblematic. Commenters pointed out that Outlook is likely running on the ground-side console rather than the actual spacecraft flight computer — mission control workstations are standard Windows machines. Others noted that the space industry’s reliance on commercial off-the-shelf software is both practical (reduced development cost) and slightly terrifying.
Academic & Research
Prefer Do Notation Over Applicative Operators
Summary: Gabriel Gonzalez (haskellforall.com) argues that Haskell programmers should default to do-notation rather than applicative style (<$>, <*>, >>=) for most code. The post contends that while applicative operators are more concise in trivial cases, do-notation scales better as code grows, is easier to refactor, and is more readable for non-experts. The argument is essentially about optimizing for long-term maintainability over expressiveness.
HN Discussion: The thread was surprisingly heated for a Haskell style-guide post. Applicative advocates defended the conciseness and composability of <$> chains, while do-notation proponents argued that readability trumps elegance in production code. Several commenters noted the debate mirrors older tensions in the Lisp community about macros versus functions.
Other
The Joy of Numbered Streets
Summary: Jarrett Walker’s Human Transit blog makes the case for numbered street grids as an underrated piece of urban infrastructure. Numbered streets provide built-in wayfinding — you always know approximately where you are and how far away your destination is. The post contrasts this with named streets, which carry cultural information but provide no spatial cues, and argues that cities which abandoned numbered grids for honorific naming made navigation harder for everyone.
HN Discussion: Commenters shared examples from cities with strong numbered grids (Salt Lake City, Phoenix, parts of Portland) versus the confusion of purely named systems in older European and East Coast cities. Several people noted that numbered grids correlate with flat, planned cities and are harder to impose on hilly terrain. Someone pointed out that Queens, NYC, has both — numbered streets and named cross-streets — creating a hybrid system that actually works well.
Sweden Goes Back to Basics in Schools
Summary: Undark reports on Sweden’s national pivot away from digital-first education back toward printed textbooks, handwriting, and reduced screen time in schools. After a decade of pushing tablets and laptops into classrooms, Swedish education authorities concluded that digital devices were hurting reading comprehension and writing skills. The policy reversal mandates physical books and handwriting practice, particularly for younger students.
HN Discussion: The thread split predictably. One side argued that “you can put a candy bowl in front of kids and tell them not to touch it, or you can just not put it there” — removing devices is simply more effective than managing distractions. The other side contended this is a discipline problem, not a technology problem, and that laptops can be productive with proper classroom management. A more nuanced take pointed out that “reading a book is different, often better, than reading on a screen, even for adults” — so the question isn’t devices versus no devices, but which medium serves which purpose. One commenter’s ironic contribution: “Learning how to bypass the school’s internet filtering so I could get to flash games probably taught me more than anything in the lessons.”
Inside Nepal’s Fake Rescue Racket
Summary: The Kathmandu Post exposes a scheme where trekking companies in Nepal stage fake mountain rescues to bill travel insurance companies for helicopter evacuations that were never needed. Trekkers are told they’re ill or injured, persuaded to accept helicopter rides, and the companies submit inflated claims. The racket exploits the combination of remote locations, language barriers, and insurance companies’ limited ability to verify incidents on the ground in the Himalayas.
HN Discussion: Commenters debated whether this is a “victimless crime” since insurance companies bear the cost. Pushback was immediate: insurance premiums rise for everyone, and Nepal’s reputation as a trekking destination suffers. One person drew a Fight Club analogy in reverse — if the cost of fraud is low enough for any individual insurer, and the cost of mitigation is in the millions, they’re unlikely to fix it. Others noted that Nepal’s mountain permits are expensive but trekking itself is “mostly just walking from village to village,” making the insurance fraud particularly galling.
Morning brief for 3 April 2026. Stories sourced from the Hacker News front page around 06:00 UTC.