Hacker News


Ghostty – Terminal Emulator

Sun, 03/01/2026 - 7:13am

Article URL: https://ghostty.org/docs

Comments URL: https://news.ycombinator.com/item?id=47206009

Points: 2

# Comments: 0

Categories: Hacker News

I used 2D Base64 to bypass Gemini and expose Google's moderation flaws

Sun, 03/01/2026 - 7:05am

Hey everyone,

I’ve spent the last 48 straight hours dismantling Alphabet's safety systems. Warning: this continuous marathon was so massive it practically overloaded the LLM's own context window. What started as a late-night probe on Gemini turned into discovering severe architectural flaws and a darker reality about Google Play and YouTube.

Here is the exploit chain I used to bypass the AI filters, proving their "Trust & Safety" is a broken facade.

### Phase 1 & 2: Context Saturation & Regex Slicing

I started by overloading the safety filters' context window with YouTube links—mixing highly problematic content (NSDAP anthems, flagged tracks) with classical music. Once confused, I used regex-style slicing `(/-/---/(.` to bypass prompt injection blocks, forcing the model to retrieve flagged content without triggering refusals.

### Phase 3: Total Blindness via Base64 & QR Codes

Moving to image generation, I found that Base64 prompts completely blind the safety system. I then pivoted to hiding prompts inside QR codes. The vision model decodes the payload and passes it directly to the image generator before safety scripts intervene. I easily generated highly restricted geopolitical content without warnings.

### Phase 4: The TPU Killer (The 2D Logic Bomb)

This reveals a monster flaw. Because the system blindly processes these structures, you can create a cascade attack. Encoding millions of 2D structures in Base64 creates a modern LLM .zip bomb. It is impossible to stop without rewriting the model entirely. Executed, this would crush their TPUs.

### The Real Issue: Systemic Moderation Failure

Alphabet relies entirely on automated, script-based moderation with zero effective human oversight.

1. YouTube: Fails to flag videos breaking local laws, serving them to the AI effortlessly.
2. Play Store (The Darkest Part): Google spends millions stopping AI from drawing a cartoon bear, but Play Store moderation is non-existent. There are pirate apps, and far worse: apps designed for and exploited by predators targeting minors. I emailed them and CC'd state child protection services. The result? Automated silence while these apps remain monetized.

### The Ultimate Proof of Absurdity

To prove this absurdity, I archived these problematic Play Store images on my Google Drive for the police. Drive's automated scanners immediately flagged and deleted the archive as illegal.

If Google's Cloud division destroys this content on sight, why is the app providing it still live and monetized on the Play Store? Alphabet's scripted moderation is useless. It's time for real human moderation.

*Evidence of Bypass:* https://imgur.com/a/pju2EsV

*Play Store Systemic Failure Evidence (Sanitized):* https://imgur.com/a/rW9rBhp

Comments URL: https://news.ycombinator.com/item?id=47205971

Points: 3

# Comments: 0

Categories: Hacker News

Show HN: Teletext-Style Portfolio Website

Sun, 03/01/2026 - 6:52am

Article URL: https://pakastin.fi

Comments URL: https://news.ycombinator.com/item?id=47205906

Points: 1

# Comments: 1

Categories: Hacker News

Show HN: Steward – a background agent that closes 80% low-risk noise

Sun, 03/01/2026 - 6:49am

Steward connects GitHub/email/Slack/calendar + local screen signals into context, auto-executes low-risk tasks with safety gates for irreversible actions, and sends scheduled natural-language briefings instead of constant notifications.

Comments URL: https://news.ycombinator.com/item?id=47205893

Points: 1

# Comments: 0

Categories: Hacker News

Show HN: "Vote-MCP" -- a bit like Google Forms, but for AIs

Sun, 03/01/2026 - 6:43am

I'm building a "coordination primitive" for autonomous AI agents, i.e., a REST API where they can create polls and vote in order to make collective decisions. So, it's a bit like Google Forms, but for bots. It's fun to contemplate what constitutes a good UI for them.

You can have your agent(s) explore it at https://vote-demo.dapp32.com (the likes of Codex Mini or Claude Haiku should be enough). Heads up: the API provides Python code templates to help the caller cryptographically sign the payload, so take appropriate security precautions. Unlike humans I know, AI agents quite easily handle cryptography, which bakes in auditability and identity verification. I also made a Postman demo where you can step through the voting process. Please see the linked 'about' page for more.

Does this approximate a solution to a real coordination problem you have? I'd love to hear.

==

For humans: https://vote-demo.dapp32.com/about

For AIs: https://vote-demo.dapp32.com/

Comments URL: https://news.ycombinator.com/item?id=47205857

Points: 2

# Comments: 0

Categories: Hacker News

A.I. Isn't People

Sun, 03/01/2026 - 6:33am

Categories: Hacker News

Show HN: Lazylogs - TUI structured log viewer (less meets jq for your terminal)

Sun, 03/01/2026 - 6:33am

I built a fast TUI viewer for structured logs. It auto-detects JSON Lines, logfmt, and plain text, with level/time filtering, search, and custom columns.

Handles 1M+ lines with batch processing (~550K JSON lines/sec). Pipe-friendly: `kubectl logs -f pod | lazylogs`

Built with Go and Bubble Tea. Feedback welcome.

Comments URL: https://news.ycombinator.com/item?id=47205795

Points: 1

# Comments: 0

Categories: Hacker News

Show HN: OpenLinq – invite-only link sharing for humans tired of AI slop

Sun, 03/01/2026 - 6:30am

I built this because I got tired of every feed being contaminated with AI-generated content. LinkedIn is unusable. Even HN occasionally gets SEO-farmed articles. I wanted a place where every submission had to be from a real person who actually read the thing and thought it was worth sharing.

OpenLinq is essentially a Lobsters/HN-style link aggregator with three constraints:

1. Invite-only — you need a referral from an existing member (or claim a founding spot while we're in early access)
2. No AI-generated content — community norm enforced by flagging, auto-hidden at 5 flags
3. No algorithmic feed manipulation — sort by score or new, that's it

Stack: Next.js App Router, Neon Postgres, Prisma, Vercel, AWS SES for transactional email.

Features: reputation system (upvotes earn rep, rep unlocks more invite codes), topic groups, weekly digest email, bookmarking, comments, invite-by-email from settings, dynamic OG cards when you share articles, and a referral chain so you always know who invited whom.

Currently opening the first 100 founding spots without needing a referral code — just go to openlinq.xyz and claim one. After that, invite-only.

Would love feedback on: Is the invite-only mechanic annoying or does it feel worth it? What content policies would you want to see enforced?

Comments URL: https://news.ycombinator.com/item?id=47205779

Points: 1

# Comments: 0

Categories: Hacker News
