Hacker News: wlkr

New comment by wlkr in "Help I accidentally a wigglegram"

wlkr — Mon, 22 Jun 2026 05:39:02 +0000

I had a look at the top submissions on the /r/wigglegrams subreddit [0]. It seems that some (including some of those featured in the article) are the more prototypical stereoscopic wigglegram, whereas others are more a stylistic effect.

[0]: https://www.reddit.com/r/wigglegrams/top/?screen_view_count=...

New comment by wlkr in "RoguePlanet: Windows 0-day privilege escalation"

wlkr — Thu, 11 Jun 2026 10:02:21 +0000

Some wider context on this for anyone OOTL.

https://www.theregister.com/security/2026/06/10/nightmare-ec...

Nottingham Uni says student records raided after ShinyHunters claims cyberattack

wlkr — Thu, 11 Jun 2026 09:58:44 +0000

Article URL: https://www.theregister.com/cyber-crime/2026/06/11/shinyhunters-raids-nottingham-uni-for-student-alumni-data/5253961

Comments URL: https://news.ycombinator.com/item?id=48488314

Points: 2

# Comments: 0

New comment by wlkr in "Ferrari Luce, Maranello's first ever electric car"

wlkr — Mon, 25 May 2026 22:30:01 +0000

I also hate crappy car tablets. For context, though, according to the Ferrari CEO, they are 50% cheaper [0]. I'm not convinced that should matter on a premium badge car (or any car, given safety concerns), but that's for Ferrari's customers to decide.

[0]: https://www.thedrive.com/news/touch-controls-are-50-cheaper-...

New comment by wlkr in "Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised"

wlkr — Tue, 19 May 2026 07:58:06 +0000

At this point I would very much like to get off Mr Bones' Wild Ride but I fear this is going to continue to happen because, from my own exploration at least, a large number of commercial detection strategies are directed at the repo/device/developer level when loading/using a package.

This seems analogous to how we tackle email spam and general malware. It means that there is almost always a target valuable enough for bad actors to continue trying. However, unlike email (mostly...), package managers are centralised authorities (and anything out-of-band is surely the developers problem?).

My ill-informed feeling is that we might need to change the culture of lazy versioning with rapid releases and focus on stable, deeply scanned versions at registries. There will be some effect of volume and scale so I could be off, but it still seems telling that this impacts high-churn languages more often.

I don't know, I would love a comprehensive article that explores the landscape right now.

New comment by wlkr in "BambuStudio has been violating PrusaSlicer AGPL license since their fork"

wlkr — Mon, 18 May 2026 11:00:34 +0000

I didn't say it was necessarily more credible, although I understand that was mentioned further up.

Personally I found the article (not the tweets) much more useful to understand the context of all this, as someone very out of the loop. Certianly more useful to me than a long list of very specific, in my option largely LLM output, points about a codebase I'm entirely unfamiliar with with claims that seem to need a legal team and court case to be meaningful. Slop is somewhat unfair and I'm happy to be disagreed with.

New comment by wlkr in "BambuStudio has been violating PrusaSlicer AGPL license since their fork"

wlkr — Mon, 18 May 2026 06:51:42 +0000

This is much better than the current slop post. Could it be swapped, please @dang?

New comment by wlkr in "Shai-Hulud Themed Malware Found in the PyTorch Lightning AI Training Library"

wlkr — Thu, 30 Apr 2026 18:25:46 +0000

This might just be the frequency illusion at play, but there seem to have been a number of high-profile supply chain attacks of late in major packages. There are several articles on the first few pages of HN right now with different cases.

Looking back ten years to `left-pad`, are there more successful attacks now than ever? I would suspect so, and surely the value of a successful attack has also increased, so are we actually getting better as a broad community at detecting them before package release? It's a complex space, and commercial software houses should do better, but it seems that whilst there are some excellent commercial products (e.g. CI scan tools), generally accessible, idiot friendly tooling is somewhat lacking for projects which start as hobby/amateur code but end up being a dependency in many other projects.

I've cross-posted my comment from the current SAP supply chain attack thread [0].

[0]: https://news.ycombinator.com/item?id=47964003

New comment by wlkr in "Official SAP NPM packages compromised to steal credentials"

wlkr — Thu, 30 Apr 2026 18:23:47 +0000

New comment by wlkr in "City birds more afraid of women than men, scientists have no idea why"

wlkr — Wed, 29 Apr 2026 14:34:38 +0000

This is a brilliantly accessible study, and ripe for some fun follow-ups. It would be interesting to replicate in other continents and with different species. I suspect the mystery will be readily resolved through hypothesis testing under controlled conditions.

Leaked plan to end US elections points to WW3. Stephen Fry [video]

wlkr — Wed, 29 Apr 2026 10:22:45 +0000

Article URL: https://www.youtube.com/watch?v=lNfzRshsDjY

Comments URL: https://news.ycombinator.com/item?id=47946342

Points: 7

# Comments: 1

New comment by wlkr in "UK to permanently ban future generations from buying cigarettes"

wlkr — Sat, 25 Apr 2026 15:41:01 +0000

Somewhat related HN discussions from a while back when New Zealand sought to do the same [1] [2]. Worth noting that it was later scrapped [3].

[1]: https://news.ycombinator.com/item?id=33970717

[2]: https://news.ycombinator.com/item?id=33967454

[3]: https://www.theguardian.com/world/2024/apr/19/new-zealand-sm...

New comment by wlkr in "M5Stack CardputerZero – Pocket Raspberry Pi Computer for Hackers"

wlkr — Fri, 17 Apr 2026 10:11:06 +0000

Hopefully this doesn't seem like advertising - I'm not affiliated with the project in any way. I just particularly enjoy playing with cyberdecks [1] and stumbled upon this while browsing. I continue to have a lot of fun with the uConsole and SDR, but I've long wanted a Cardputer with a bit more oomph. I should add, if anyone is interested in a uConsole, brace yourself for the shipping times... [2].

[1]: https://www.reddit.com/r/cyberDeck/

[2]: https://www.reddit.com/r/ClockworkPi/comments/1fk893z/shippi...

M5Stack CardputerZero – Pocket Raspberry Pi Computer for Hackers

wlkr — Fri, 17 Apr 2026 10:05:14 +0000

Article URL: https://shop.m5stack.com/pages/m5-cardputerzero

Comments URL: https://news.ycombinator.com/item?id=47804267

Points: 2

# Comments: 1

New comment by wlkr in "Show HN: I Built Paul Graham's Intellectual Captcha Idea"

wlkr — Mon, 06 Apr 2026 17:35:25 +0000

Yes, I also assumed an imperfect system with cases of fraud for the medical exam question and was quite surprised by the overly simplistic response.

New comment by wlkr in "No leap second will be introduced at the end of June 2026"

wlkr — Mon, 09 Mar 2026 15:41:17 +0000

Interesting! There's a lot I don't know about this, but I know a little more now. I'll admit, I naively thought this would be more regular than it appears to be [0].

[0]: https://en.wikipedia.org/wiki/Leap_second

New comment by wlkr in "UK House of Lords Votes to Extend Age Verification to VPNs"

wlkr — Mon, 26 Jan 2026 10:34:11 +0000

I'm very interested to see how some VPN providers react to this. For a zero logs VPN provider, if such a thing can really exist, how big of a problem is this? Presumably many customers pay with a debit/credit card already so there's some PII on file? Usage remains the same? Surely savvy people can just use their existing VPN to buy a VPN from outside the UK.

Of course, we're sliding quite rapidly down that slippery slope here so I'm sure logging and easier government tracking would be next. The justifications will get weaker and even more lacking in supporting evidence for their implementation.

New comment by wlkr in "Phel: A Functional Lisp Dialect for PHP Developers"

wlkr — Fri, 21 Nov 2025 13:40:53 +0000

This seems to have been posted a few times over the years, e.g. [0]. I was impressed and pleased to see that I hadn't missed the boat on this, and in fact, the project seems to still be going very strong [1]!

[0]: https://news.ycombinator.com/item?id=26184044

[1]: https://github.com/phel-lang/phel-lang

Phel: A Functional Lisp Dialect for PHP Developers

wlkr — Fri, 21 Nov 2025 13:36:45 +0000

Article URL: https://phel-lang.org/

Comments URL: https://news.ycombinator.com/item?id=46004451

Points: 2

# Comments: 1

Matrix collapses: Mathematics proves universe cannot be a computer simulation

wlkr — Sat, 01 Nov 2025 23:37:41 +0000

Article URL: https://interestingengineering.com/culture/mathematics-ends-matrix-simulation-theory

Comments URL: https://news.ycombinator.com/item?id=45786509

Points: 3

# Comments: 0