Hacker News: lemax

New comment by lemax in "Phone-free bars and restaurants on the rise across the U.S."

lemax — Sun, 05 Apr 2026 21:30:40 +0000

The worst has been the post-covid assignment of seating and QR code driven ordering in bars. So few opportunities to mingle. I miss standing in bars, talking to bartenders, chatting with random patrons. This has recovered much better in large cities but I find that restaurants and bars in US suburban environments are deeply impersonal now. It’s no wonder singles are stuck meeting partners on apps with so little unstructured social opportunities left. Not to mention no one is going to bars anymore anyway.

Active Supply Chain Attack on axios 1.14.1

lemax — Tue, 31 Mar 2026 01:48:37 +0000

axios@1.14.1, published 2026-03-31, introduces a new dependency plain-crypto-js@4.2.1 that was not present in axios@1.14.0. This package is malicious — it contains an obfuscated postinstall script (setup.js) that downloads and executes a remote payload.

Evidence

axios@1.14.0 dependencies: follow-redirects, form-data, proxy-from-env (3 deps)

axios@1.14.1 dependencies: same 3 + plain-crypto-js (new, not in any prior axios version)

plain-crypto-js has "postinstall": "node setup.js" in its scripts

setup.js is heavily obfuscated — it decodes base64 strings, writes scripts to the OS temp directory, executes them via shell (macOS) or PowerShell (Windows), then deletes itself

Comments URL: https://news.ycombinator.com/item?id=47581837

Points: 18

# Comments: 1

New comment by lemax in "Get Shit Done: A meta-prompting, context engineering and spec-driven dev system"

lemax — Wed, 18 Mar 2026 09:44:15 +0000

I'm still stuck on superpowers. Can't seem to get better plans out of native claude planning - superpowers ensures I have a reviewed design that actually matches my mental model. Typical claude planning doesn't confirm assumptions sufficiently for my weak brain dumps/poorly spec'd tickets.

New comment by lemax in "Magical Mushroom – Europe's first industrial-scale mycelium packaging producer"

lemax — Mon, 23 Feb 2026 18:44:58 +0000

Mycelium has been shown to colonize some of the most unexpected substrates - cigarette butts [1], sawdust, you name it.

https://circulareconomy.europa.eu/platform/en/good-practices...

New comment by lemax in "I'm not worried about AI job loss"

lemax — Sat, 14 Feb 2026 00:07:35 +0000

I think that, for possibly a very long time, AI will just increase the quality bar and scale of expectations when we produce things. We might take the same amount of time (or longer) to produce something, but with significantly better outcomes. Ultimately human preferences and tastes prevail and the world is full of problems that are not simple I/O, that are not repeatable, and that require human taste to improve. The people who will immediately survive economically are the ones who leverage AI to produce stuff that wasn't possible before.

New comment by lemax in "Why "just prompt better" doesn't work"

lemax — Tue, 10 Feb 2026 06:53:13 +0000

I've tried all the Q&A skills, confidence meters and little hacks to get agents to clarify and propose better solutions. Clarification and planning has gotten a lot better using some skills (e.g. obra/superpowers), but counterproposals and negative feedback are rarely up to snuff with something a staff level colleague would come up with - this seems to be amplified when you already have an extensive PRD or plan together. If a plan is already fleshed out but is inefficient or contains some anti-patterns, I've had better results just throwing these out, taking what I've learned and summarizing tradeoffs in a brand new chat.

Once you have a comprehensive plan together, or a fairly full context window, agents have a lot of issues zooming out. This is particularly painful in some coding agents since they're loading your existing code into context and get weighted down heavily by what already exists (which makes them good at other tasks) vs. what may be significantly simpler and better for net-new stuff or areas of your codebase that are more nascent.

New comment by lemax in "Wall Street just lost $285B because of 13 Markdown files"

lemax — Fri, 06 Feb 2026 16:32:38 +0000

Yes, we're in for more headless interfaces and there are existing products that will struggle to serve these new interaction models due to organizational constraints. But I don't think it's as simple as asking "are they a system of record" as we think about the companies that will adapt and thrive and the new ones that will come. Enterprises are investing AI spend into improving core processes and responding to competitive pressure, not saving money and introducing risk into areas they have historically delegated to vendors. AI is going to give us more software, and increase spending as firms seek efficiency in new areas, and they're going to continue to knock on doors of vendors to do it as they always have. Not to mention the demand for auditable, repeatable workflows is still there and always going to be there and dedicated systems are needed to solve this in each problem domain.

New comment by lemax in "The tech monoculture is finally breaking"

lemax — Fri, 23 Jan 2026 23:02:54 +0000

Yeah, I guess this take is tempting for a technologist, but Gen Z is buying iPods and walking around in wired headphones because it's cool and nostalgic, not because of usability. Cycles of nostalgia are well understood to be getting smaller. The creative industry is creating new things less frequently and referring back sooner (the old 20 year cycle of fashion repeating itself is contracting). There is an element of disenchantment, of wanting to disconnect from the present, but that has always sort of been there as people reached for vintage cameras, record players, and old clothes in the niche cultural movements that have preceded the current Gen Z 2000's obsession that's happening.

see https://www.npr.org/2022/03/01/1081115609/from-tumblrcore-to...

New comment by lemax in "Windsurf employee #2: I was given a payout of only 1% what my shares where worth"

lemax — Fri, 25 Jul 2025 18:55:32 +0000

This is a fair cautionary tale but it's worth understanding the specifics of the situation – Windsurf maintained a relatively easy to replicate product with no moat, and employed a bunch of attractive talent. The company got gutted of these employees and lost its valuation because no suitable buyer thought their IP was exceptionally valuable on its own. Just because this was the outcome for Windsurf does not mean there are no longer opportunities to join startups building sticky customer bases with valuable IP and walk away wealthier when they exit – yes there is a liquidity problem[1] but let'a be honest with ourselves about the specifics of the case for Windsurf.

[1] https://techcrunch.com/2024/01/11/us-startups-have-a-liquidi...

New comment by lemax in "Acquisitions, consolidation, and innovation in AI"

lemax — Thu, 24 Apr 2025 19:19:58 +0000

This take doesn't really highlight the fact that the most competitive foundational model companies are innovative application builders. Anthropic and OpenAI are vying for consumers to use their models by building these sort of super applications (ChatGPT, Claude) that can run code, plot graphs, spin up text editors, create geographic maps, etc. These are well staffed and strategically important areas of their businesses. There's competition to attract consumers to these apps and they will grow more capable and commoditize more compliments along the way. Who needs Jasper when you can edit copy in ChatGPT, or an AI python notebook app, or, now, Cursor?

Authorization in MCP Servers: What's Missing and What's Coming

lemax — Sun, 13 Apr 2025 11:15:48 +0000

Article URL: https://maxhammad.substack.com/p/authorization-in-mcp-servers-whats

Comments URL: https://news.ycombinator.com/item?id=43671934

Points: 3

# Comments: 0

New comment by lemax in "Charlie Javice convicted of defrauding JPMorgan in $175M startup sale"

lemax — Tue, 01 Apr 2025 02:55:24 +0000

I'm not sure that's the "core problem", it sounds like companies should do diligence on a data asset if that's what they're after.

New comment by lemax in "Show HN: I built a website for sharing drum patterns"

lemax — Mon, 24 Mar 2025 00:33:23 +0000

ISPs / other middlemen can monitor and modify unencrypted traffic. In Egypt, Syria and Turkey for example ISP’s injected malware into unencrypted sites that led people to install spyware when attempting to download legitimate programs (link). Other state actors have changed the content of news media, etc. Without HTTPS you lose the ability to trust the integrity of a given webpage.

https://www.bitdefender.com/en-us/blog/hotforsecurity/turkis...

New comment by lemax in "Seven39 – a social media app that is only open for 3 hours every evening"

lemax — Tue, 11 Mar 2025 06:40:03 +0000

It could be interesting to host several isolated versions open at different times, maybe a Nine39, a Five39? But you can only sign up for one.

New comment by lemax in "Who killed the rave?"

lemax — Wed, 08 Jan 2025 19:31:04 +0000

There is still a vast web of international niche electronic music scenes and artists, and elements of electronic music as well as the instruments used to produce it have been used in popular music for many decades (Donna Summer, 80s new wave bands, Madonna, etc).

Has Sequoia Capital outgrown its business model?

lemax — Fri, 29 Nov 2024 22:02:13 +0000

Article URL: https://www.economist.com/business/2024/11/28/has-sequoia-capital-outgrown-its-business-model

Comments URL: https://news.ycombinator.com/item?id=42277513

Points: 1

# Comments: 0

New comment by lemax in "How good are American roads?"

lemax — Wed, 20 Nov 2024 19:44:06 +0000

I once drove across the US-Canadian border during a snowstorm. On the Canadian side, the road was a slew of white slush that had us hydroplaning on and off. But as soon as we crossed back into the States, it was like a switch flipped. The road went from a slushy bog to a pristine surface with zero snow accumulation, just a slight gleam of moisture.

New comment by lemax in "A new JSON data type for ClickHouse"

lemax — Wed, 23 Oct 2024 02:29:27 +0000

As far as I understand they're talking about the internal storage mechanics of ClickHouse, these aren't user exposed JSON data types, they just power the underlying optimizations they're introducing.

New comment by lemax in "Threat actor abuses Cloudflare tunnels to deliver remote access trojans"

lemax — Thu, 01 Aug 2024 22:34:05 +0000

Isn't this what happens to every free quick tunnel product? Was kinda just waiting for this to play out. ngrok had nice zero friction tunneling when it came out but then they had to put everything behind a sign-up flow due to the same sort of abuse.

New comment by lemax in "Copying is the way design works (2020)"

lemax — Tue, 23 Jul 2024 06:31:54 +0000

As a designer, one eventually thinks not about what they liked in other people's work but why it worked. You can derive a design out a compendium of some things that you've seen that you like, but ultimately, to be successful you need to know why what you're copying made sense for its purpose. Perhaps you need to even encounter the same problem; it takes a bit of maturity to copy effectively.