Published on May 15, 2026 at 18:01 CEST (UTC+2)
A 0-click exploit chain for the Pixel 10 (103 points by happyhardcore)
A 0-click exploit chain for the Pixel 10
Google Project Zero describes adapting their earlier Pixel 9 zero-click-to-root exploit chain to the Pixel 10. The main changes involved updating offsets and working around the new RET PAC protection instead of -fstack-protector. The Dolby driver vulnerability (CVE-2025-54957) was reused, and the local privilege escalation part had to be ported because the previous BigWave driver was removed. The exploit only works on unpatched devices with SPL December 2025 or earlier, highlighting the arms race between security mitigations and exploit development.
ASCII by Jason Scott (48 points by bookofjoe)
ASCII by Jason Scott
This is a personal website by Jason Scott, a digital archivist and historian known for his work on textfiles.com and other retrocomputing projects. The site likely hosts his writings, essays, and collections related to ASCII art, BBS culture, and digital preservation. Without content preview, it can be assumed to be a hub for his ongoing historical documentation efforts in computing history.
O(x)Caml in Space (169 points by yminsky)
O(x)Caml in Space
Thomas Gazagnère reports that a pure-OCaml CCSDS protocol stack (Borealis) successfully booted in low Earth orbit aboard DPhi Space’s ClusterGate-2 payload. The project uses safe OCaml for end-to-end encrypted command/control and post-quantum key rotation, emphasizing the language’s safety and performance for untrusted code on satellites. This implements KC Sivaramakrishnan’s speculative vision of OCaml 5 going to the moon, albeit in orbit first.
Explore Wikipedia Like a Windows XP Desktop (329 points by smusamashah)
Explore Wikipedia Like a Windows XP Desktop
This web application presents Wikipedia and Wikimedia Commons as a Windows XP file explorer, allowing users to browse categories as folders and open articles as documents. It includes features like setting an image as desktop background and a geofile explorer for Earth. The project is inspired by various retro-UI experiments and aims to make Wikipedia navigation feel like an early-2000s desktop environment.
High dimensional geometry is transforming the MRI industry(2017) [pdf] (40 points by nill0)
High dimensional geometry is transforming the MRI industry (2017)
This PDF presentation by David Donoho and others likely explains how compressed sensing and high-dimensional geometry principles are revolutionizing MRI acquisition and reconstruction. It probably covers how sparsity and random sampling enable faster scans without sacrificing image quality, a key advance in medical imaging. The 2017 date indicates this is a foundational talk on an AI/ML-adjacent technique.
Trade Dollars with other startups. Book it as revenue (105 points by tormeh)
Trade Dollars with other startups. Book it as revenue
RevSwap.ai is a platform enabling startups to exchange services (trade dollars) and recognize that barter as revenue for accounting purposes. The service helps companies fill gaps in resources without cash outlay, and the "book it as revenue" angle suggests a tool for proper financial reporting of non-cash transactions. It targets early-stage startups looking to optimize cash flow.
A new book on Steve Jobs at NeXT (85 points by rbanffy)
A new book on Steve Jobs at NeXT
IEEE Spectrum covers a new book focusing on Steve Jobs’ “wilderness years” between leaving Apple and returning—the NeXT era. The article argues that this period, often seen as a failure, actually shaped Jobs’ later success as Apple CEO by teaching him product discipline, team building, and strategic patience. It provides insights into the technology and culture of NeXT Computer.
We are retiring our bug bounty program (263 points by tjek)
We are retiring our bug bounty program
Turso, a database company, announces the end of its $1,000 bug bounty program because maintainers were overwhelmed by low-quality, AI-generated bug reports (“slop”). The program became a target for automated submissions claiming data corruption bugs, making it impossible to sustain. Turso shares this decision publicly as a cautionary tale about the impact of AI-generated content on open-source governance.
I built Zenith: a live local-first fixed viewport planetarium (5 points by surprisetalk)
I built Zenith: a live local-first fixed viewport planetarium
Zenith is a real-time star viewer that zooms in to a field of view equal to the amount the sky turns in 30 seconds (about 180x magnification). This makes Earth’s rotation visibly apparent as stars drift across the screen without time-lapse. The project explains the relationship between zoom, field of view, and apparent motion, and notes that real telescopes use equatorial mounts to counteract this drift.
Radicle: Sovereign {code forge} built on Git (107 points by KolmogorovComp)
Radicle: Sovereign {code forge} built on Git
Radicle is an open-source, peer-to-peer code collaboration platform that replaces centralized services like GitHub. It uses Git under the hood, with cryptographic identities, a gossip protocol for metadata exchange, and full user control over data and workflows. The project emphasizes censorship resistance, data permanence, and autonomy, with both CLI and desktop client options.
AI-generated “slop” is breaking traditional open-source incentive models
Turso’s experience shows that AI-generated bug reports, often low-quality and automatic, can overwhelm maintainers and force the shutdown of reward-based programs. This trend threatens bug bounties, patch submissions, and community reviews across open source. Developers need new governance tools—like automated slop detection, reputation systems, or submission fees—to preserve the signal in the noise.
Safe functional languages are gaining traction in safety-critical and edge AI deployments
OCaml’s use in a satellite’s command-and-control stack (with post-quantum cryptography) underscores a push toward memory-safe, mathematically rigorous languages for systems where AI models might run on-device. This trend matters for AI/ML because edge inference on satellites, drones, or IoT devices will require the same safety guarantees, potentially driving adoption of OCaml, Rust, or other safe languages for AI runtime.
Compressed sensing and high-dimensional geometry remain foundational for MRI AI
The 2017 talk on high-dimensional geometry transforming MRI highlights the mathematical underpinnings of modern medical imaging AI. Techniques like iterative reconstruction, deep learning denoising, and sparse sampling all build on these principles. For AI/ML practitioners, understanding the geometry of measurement subspaces is key to designing efficient models that reduce scan times while maintaining diagnostic quality.
Zero-click mobile exploits expose new attack surfaces for on-device AI
The Pixel 10 exploit chain shows that vulnerabilities in media decoders (Dolby) can be chained to gain root access, even with newer CPU protections (PAC). As AI models and inference run increasingly on mobile hardware (e.g., Pixel Neural Core), similar bugs in AI accelerators or custom DSPs could become prime targets. Security researchers must extend fuzzing and mitigation strategies to AI-specific firmware and drivers.
Decentralized code forges like Radicle could reshape AI model development and sharing
Radicle’s peer-to-peer, censorship-resistant Git model offers an alternative to centralized ML hubs (e.g., Hugging Face). For AI/ML, this means models, datasets, and training pipelines can be hosted without platform lock-in, while cryptographic signatures ensure provenance. This trend aligns with the growing demand for reproducible, auditable AI artifacts and could reduce central points of failure or policy enforcement.
AI-enhanced UI/UX continues to blend nostalgia with novel interaction paradigms
The Wikipedia File Explorer project reimagines information browsing through a retro lens, but with modern web capabilities. For AI/ML, such interfaces hint at how future tools might present model outputs (e.g., as file systems, desktops, or maps) to make complex data navigable. Combined with AI search and summarization, these “explorer” metaphors could become a standard way to interact with knowledge graphs or ML inference results.
Real-time local-first planetariums illustrate edge computing for AI-powered astronomy
Zenith’s fixed-viewport approach runs entirely in the browser, computing star positions from local data. This local-first pattern is crucial for AI/ML applications in astronomy (e.g., real-time object detection in camera feeds) where latency and connectivity are limited. The trend toward client-side, device-resident AI (as opposed to cloud-dependent) is reinforced by such projects, enabling offline-capable educational and scientific tools.
Analysis generated by deepseek-reasoner