Hasty Briefsbeta

Bilingual

NYT and Vaping: How to Lie by Saying Only True Things
5 hours ago
- The 2019 EVALI outbreak was caused by illicit THC vapes with vitamin E acetate, not legal nicotine vaping products.
- A 2022 New York Times article misleadingly implies legal nicotine vapes caused a teen's lung injury by using technically true phrases like 'vaping-related lung injury' and juxtaposing THC and nicotine vaping.
- The article's narrative links synthetic nicotine, flavored vapes, and a hospitalization without stating the actual cause was THC, exploiting selective wording and omission to mislead readers.
- Media coverage amplified the misconception by conflating THC and nicotine vaping, despite no lab evidence linking legal nicotine products to EVALI.
- The piece is criticized as agenda journalism, using bounded distrust and grammatical manipulation to sway public opinion against nicotine vaping while avoiding outright falsehoods.
SQL patterns I use to catch transaction fraud
6 hours ago
- SQL is the primary tool for fraud detection in transaction data, not ML or graph databases.
- Six SQL patterns detect fraud: velocity, impossible travel, amount anomalies, suspicious merchants, off-hours, and window functions for chained signals.
- Velocity detects rapid transactions to spot stolen cards; sliding windows and thresholds are tunable.
- Impossible travel identifies cloned cards via distant, quick successive transactions using distance/speed calculations.
- Amount anomalies flag round or just-below-threshold amounts like $1.00 or $99.99, common in card testing or rule evasion.
- Suspicious merchants pinpoint compromised terminals by spikes in unique cards or spending relative to baselines.
- Off-hours analysis flags transactions outside a cardholder's habitual spending times, requiring historical data.
- Window functions enable composable fraud rules, speeding up detection by allowing SQL-based hypothesis testing.
- Combining multiple patterns reduces false positives; start with velocity for new fraud detection efforts.
- Considerations include NULL handling, false positives, privacy, cost optimization, and feedback loops for tuning.
Ploopy Bean: a trackpoint for every computer
3 days ago
- The Bean Pointing Stick is available for preorder, with shipping based on availability and split into tiers: EARLY ACCESS (ships immediately), TIER A (ships within 8 weeks of launch), and TIER B (ships within 20 weeks of launch). Launch date is 6 May 2026.
- Ploopy has a strong track record of successfully managing preorders and delivering units on time.
- Each Bean Pointing Stick kit includes 3D-printed parts (top, bottom, spring), electronics (PCB, optional USB-A to USB-C cable), and hardware (screw, magnet, friction pads, nub). It comes fully assembled but assembly instructions are available.
- The device ships with QMK firmware preloaded, but loading new firmware is easy using tools like QMK Toolbox or Configurator, with a guide provided.
- Modders are encouraged to read the official Modder's Guide for tips; if checkout fails, temporarily disable ad-blockers as they may interfere.
Why they stopped building wooden stupas: on survivorship bias in history
2 days ago
- A massive wooden stupa built by Kushan emperor Kanishka, the Kanishka Stupa, was repeatedly struck by lightning due to its height and metal finials, leading to its eventual destruction and abandonment.
- Wooden stupas evolved into East Asian pagodas, but the original wooden structures have not survived due to their perishable materials.
- Historical survivorship bias means durable materials like stone dominate our view of the past, while perishable structures like wooden stupas are underrepresented.
- Important artifacts, texts, and structures are often destroyed because of their significance, as seen with sacred images or personal letters marked 'destroy this letter.'
- Historical emotions are often lost over time, leaving only intellectual remnants, similar to how wooden stupas burned down, leaving only stone bases.
- Digitization and internet availability can create biases in historical study, as undigitized archives from certain regions are under-researched.
ArXiv to Ban Researchers for a Year If They Submit AI Slop
9 hours ago
- ArXiv will impose a one-year ban on authors who submit obviously AI-generated papers without checking the content.
- Examples of unacceptable AI-generated content include plagiarized material, biased text, errors, hallucinated references, and meta-comments from the LLM.
- After the ban, future submissions must first be published in a reputable peer-reviewed journal before being allowed on arXiv.
- The policy emphasizes that authors are responsible for verifying AI-generated content to maintain trust in scientific works.
Ink/Stitch
12 hours ago
- Ink/Stitch user meeting scheduled for May 23, 2026, in Hamburg, Germany.
- Ink/Stitch event planned for September 20, 2025, in Kiel, Germany.
- Ink/Stitch offers a chat channel and discussion board for community engagement.
- Ink/Stitch participation in the Libre Graphics meeting in Nuremberg.
- Release of Ink/Stitch version 3.2.2.
- Features include various stitch types, an easy-to-use lettering system, stitch path optimization tools, and support for multiple output formats.
- Comprehensive user manual covering installation, customization, and detailed tool descriptions.
- Stitch library provides numerous stitch types for creative digitizing.
- Font library offers pre-digitized fonts for direct use in designs.
- Tutorials and sample files available for techniques like appliqué, free-standing lace, and digitizing basics.
- Community support and involvement opportunities, including bug reporting, tutorials, documentation, translations, and programming.
Use Your ChatGPT Subscription in Zed
12 hours ago
- Zed's agent now supports signing in with a ChatGPT account, allowing users to use OpenAI's models directly within Zed, with usage covered by their ChatGPT subscription. Codex is included with ChatGPT subscriptions, based on tier.
- This comes as other platforms like Anthropic and GitHub Copilot shift toward usage-based billing, while Zed and OpenAI aim to provide cost-effective, subscription-based inference without per-token charges.
- Setup involves opening the model selector in Zed's agent panel, clicking 'Configure,' and signing in with a ChatGPT account under LLM Providers to access available models.
- Users can utilize OpenAI's models in multiple ways: through Zed's built-in agent, via an ACP adapter for compatibility with tools like JetBrains, through the CLI (including future Terminal Threads), or by bringing their own OpenAI API key for usage-based billing.
- Zed expresses gratitude for OpenAI's continued support of subscription-based access in third-party tools, contrasting with industry trends, and encourages users to try Zed on macOS, Windows, or Linux, while also noting hiring opportunities.
Jank now has its own custom IR
12 hours ago
- Jank introduces a custom intermediate representation (IR) tailored to Clojure's semantics for better optimization.
- The IR is SSA-based and represented as a control flow graph, with instructions like var-deref and dynamic-call.
- Optimizations include inlining arithmetic via metadata, eliminating redundant IR instructions, and using pointer tagging for integers.
- Tagged pointers reduce dynamic allocations for integers, significantly improving performance in benchmarks like recursive fibonacci.
- Further optimization with C++ attributes ensures arithmetic functions are inlined, making jank faster than Clojure JVM in some cases.
- Jank's AOT compilation approach contrasts with the JVM's JIT optimization, but jank aims to be competitive in performance.
OpenAI Models in OpenClaw, Done Right
10 hours ago
- OpenClaw now uses Codex app-server as the default runtime for OpenAI agent turns, improving integration and reducing friction.
- Codex manages the low-level OpenAI loop: native thread state, tool continuation, compaction, code mode, and dynamic tool search.
- OpenClaw handles product-specific features: channels, persona, memory, sessions, cron, media, browser, gateway, and OpenClaw tools.
- Visible replies are intentional via the OpenClaw message tool, distinguishing internal reasoning from user-facing communication.
- Heartbeat turns use structured state (e.g., heartbeat_respond) for explicit outcomes, replacing sentinel text.
- Dynamic tool loading reduces prompt bloat, allowing models to search and load tool schemas on demand.
- Auth integrates with ChatGPT subscriptions; OpenClaw routes OpenAI models through Codex by default.
- State isolation ensures OpenClaw agents have separate Codex homes, preventing leaks with personal CLI setups.
- Guardrails include reviewed approval modes, leveraging Codex safety while maintaining OpenClaw policy control.
- Benefits extend to all models: lessons from Codex improve OpenClaw's harness for broader multi-model support.
Mustela – A static site generator born from forensic family analysis
8 hours ago
- Mustela generates thousands of pages per second using a highly optimized pipeline and multi-threading.
- It employs Unix-first design with native syscalls like inotify for zero-latency filesystem monitoring.
- Zero-copy architecture avoids redundant memory allocations by passing pointers in a stateful DSL engine.
- The tool is a 1.3 MB binary with no dependencies, statically linked for deterministic output in hostile environments.
- Partial hydration provides smart change detection, keeping developer feedback loops under 50ms.
- Originally forged as a forensic tool for documenting truth under extreme stress and chaos.
- Engineered for sub-millisecond throughput with direct HTML stream manipulation and a zero-abstraction philosophy.
- Performance metrics show processing 5,000 Markdown files in 528 ms (~9,470 pages/second) with low RAM usage.
- Fault-tolerant design prioritizes data delivery over syntactical perfection, unlike traditional tools.
- Features a zero-load UI with Ada-Ruby hybrid syntax for readability under high cognitive load.
- Offline autonomous single binary perfect for disconnected, intermittent, limited environments.
- Hybrid content power allows seamless transition from metadata to content using a script-like approach.
- Modular templating with stateful DSL enables composing HTML components with zero rendering overhead.
- Acts as a high-performance core generating clean scaffolding compatible with modern stacks like Bun or Vite.
- Community edition for individuals, researchers, NGOs; tactical edition for mission-critical deployments with optimized builds.
Is China using fentanyl as a weapon against the United States?
4 hours ago
- Over 100,000 annual US overdose deaths, largely from fentanyl, a potent synthetic opioid.
- Fentanyl is primarily produced abroad, with China being a key source of precursors and finished products.
- China banned fentanyl derivatives in 2019, but precursor chemicals continue to be supplied.
- Mexican criminal groups traffic fentanyl precursors from China and smuggle finished drugs into the US.
I broke AppLovin's mediation cipher protocol
4 hours ago
- AppLovin's encrypted ad-mediation protocol, using a custom cipher, allows deterministic re-identification of iPhones across apps even when ATT is denied.
- The cipher uses a universal salt and per-publisher SDK key, lacking cryptographic security, and leaks device timestamps in every request.
- Decrypted payloads include extensive device fingerprint data (e.g., hardware model, OS version, screen specs, RAM) and bidder tokens sent to multiple ad networks.
- Observations show that ATT denial only zeros IDFA, but device fingerprinting remains effective, with unique hashes identifying devices across different apps.
- AppLovin's api_did field respects ATT, but downstream ad networks collect additional data (e.g., disk space, battery level) enabling cross-app tracking.
- The protocol enables privacy risks as fingerprint data reaches AppLovin and about 12 ad networks per banner load, circumventing ATT's intended protections.
Show HN: Epiq – Distributed Git based issue tracker TUI
5 hours ago
- Epiq is a vim-inspired, keyboard-centric issue tracker that renders as ASCII and uses Git for synchronization.
- It stores work as an immutable event log, allowing inspection of past changes and deterministic replay.
- Features include vim-like movement, command history, filters, autocompletion, and local instant interactions.
- Epiq operates within any Git repository with isolated worktrees and state branches for team collaboration.
- Install via npm, run in a Git repo, and use commands like :new, :filter, and :sync for issue management.
Additive Blending on the Nintendo 64
14 hours ago
- The PlayStation (PSX) supported additive blending using modes like src + dst, which allowed effects like explosions to look brighter by adding sprite colors to the framebuffer, with clamping to prevent overflow.
- The Nintendo 64 (N64) had a flexible Color Combiner in its Reality Display Processor (RDP) for blending, but it lacked clamping, causing color values to wrap around and produce undesirable visual artifacts when additive blending was attempted.
- To enable additive blending on the N64 without artifacts, a technique was developed: rendering to a 32-bit RGBA 8888 buffer with sprites at 1/8th intensity (using fog alpha), then converting to a 16-bit RGBA 5551 framebuffer with clamping, optimized via the RSP co-processor to run efficiently.
- The conversion from 32-bit to 16-bit was initially slow on the CPU (~70ms per frame) but optimized with RSP vector instructions to ~3.1ms, using tools like RSPL (a C-like language) for modern N64 development without hand-writing assembly.
- This approach allowed for additive blended effects like explosions on the N64, though it had performance trade-offs due to increased memory bandwidth from using a 32-bit buffer, with potential further optimizations like selective rendering or lower resolution for blended elements.
Datacenters slurping juice help drive 75% jump in PJM power prices
6 hours ago
- The IT hardware supply chain is experiencing turbulence due to extended lead times and rising costs from AI demand.
- API-driven applications are increasingly targeted by AI-assisted attacks due to over-permissioning and interconnectivity.
- Building an identity-first recovery strategy is essential for cyber resilience in a complex threat landscape.
- Attackers exploit personal identities on the black market, highlighting the need for better personal security measures.
- AI adoption introduces new security challenges, especially with the rise of agentic AI reshaping threat landscapes.
- AI aids in identifying software vulnerabilities during development but requires effective remediation strategies.
- Scaling AI from pilot to production is key to unlocking ROI, emphasizing the importance of widespread adoption.
- Google has reimbursed victims of API fraud but maintains policies on auto-expanding customer budgets.
- Datacenter energy consumption has spiked, raising electricity prices and prompting discussions on BYO power solutions for AI.
- Git and platforms like GitHub are struggling to handle the influx of AI coding agents, indicating infrastructure strain.
- AI agents can create exploits, not just find vulnerabilities, with models like Mythos and GPT-5.5 leading in capabilities.
- Tools like LocalSend offer AirDrop-like functionality without vendor lock-in, enhancing cross-platform file sharing.
- Microsoft focuses on driver stability over UI tweaks, prioritizing reliability in new initiatives.
- Google may reduce storage incentives for users who don't provide phone numbers, raising privacy concerns.
- Anthropic advocates for stricter US controls on chips and AI models to counter authoritarian regimes' influence by 2028.
Google tests 5 GB cap for users who skip phone numbers
6 hours ago
- Infrastructure teams face extended hardware lead times, rising costs due to AI demand, and accelerated platform timelines.
- Modern API-driven applications are targets for AI-assisted attacks due to over-permissioning.
- Building an identity-first recovery strategy is crucial in the new cyber threat landscape.
- Attackers use personal profiles as intel, requiring measures to make targeting harder.
- AI adoption brings new security challenges, reshaping AI security.
- AI helps identify and remediate vulnerabilities in software development before production.
- Driving AI adoption at scale is key to unlocking real ROI.
- Google reimburses victims of API fraud but maintains auto-expanding customer budgets.
- Data centers' high energy consumption boosted prices 75% in the largest US market, with BYO power suggested for AI facilities.
- Git is unprepared for the influx of AI coding agents, pushing GitHub to the brink.
- AI agents can create exploits, not just find vulnerabilities, with models like Mythos and GPT-5.5 competing.
- LocalSend offers AirDrop-like functionality without Apple lock-in, making sneakernet obsolete.
- Microsoft prioritizes driver stability with a new initiative over UI tweaks.
- Google's policy may reduce storage to 5GB if users don't share phone numbers.
- NASA's Psyche mission includes a brief Mars encounter.
- Anthropic urges US action to restrict China's AI ambitions by 2028 to prevent authoritarian rule-setting.
- Europe seeks independence from US tech but faces challenges in finding exits.
- GNOME dominates Ubuntu, but X.org remains relevant.
- OpenClaw in containers is introduced as NanoClaw.
- Open source registries lack funds for basic security implementation.
New Nightmare Just Dropped: '3D' Animated Ads on Trucks in Traffic
5 hours ago
- A digital ad company is launching mobile billboards with advanced LED panels that produce 3D effects so realistic they appear 'indistinguishable from reality.'
- The author strongly opposes this innovation, arguing that such ads on moving vehicles could be distracting and unsafe, especially with animations that seem to project into the road.
- These 3D billboards use anamorphic imagery to create forced-perspective illusions, previously seen in city centers, and are now being adapted for trucks by LED Truck Media.
- The CEO claims the technology offers high brightness, color depth, and a wide viewing angle, ensuring clarity even in direct sunlight.
- Despite acknowledging the artistic and technological impressiveness, the author calls for a ban, fearing it will turn everyday roads into chaotic, advertisement-filled environments.
ESP-EEG is an affordable 8-channel biosensing board
3 days ago
- Cerelog ESP-EEG is an 8-channel biosensing board using the ADS1299 ADC, similar to OpenBCI Cyton, but at half the price.
- Key features include cleaner signal from true closed-loop active bias and ESP32 for potential WiFi/Bluetooth streaming, though firmware currently limits it to USB only.
- Software support includes a fork of the OpenBCI GUI via Lab Streaming Layer and Brainflow, with firmware under MIT license and schematics under CC-BY-NC-SA for non-commercial use.
- The project is developed by former SpaceX engineer Simon Hakimian, with open-source firmware and schematics but PCB layout files are not available.
- Notable caveats: electrical isolation issues with USB-only use, licensing confusion clarified by the creator, and promotional materials may sound AI-generated.
The main thing about P2P meth is that there's so much of it (2022)
5 hours ago
- P2P meth synthesis replaced ephedrine-based meth production in the US between 2009 and 2012 due to regulatory bans on pseudoephedrine.
- P2P meth initially produced a mix of d-meth and l-meth isomers, but modern street meth is now nearly pure d-meth (around 95% on average), with high purity levels.
- The shift to P2P meth has led to a significant increase in meth availability, as evidenced by rising border seizures, sewage measurements, usage surveys (especially heavy users tripling from 2015 to 2019), lower prices, and skyrocketing overdose deaths.
- Claims that P2P meth causes schizophrenia or 'madness' due to chemical differences or contaminants (like lead acetate) are unsupported by data, as reports of such effects don't correlate with synthesis method changes or impurity timelines.
- Meth usage and overdoses have surged, with users consuming doses roughly 15 times higher than typical ADHD medications, contributing to a public health crisis comparable to car accident fatalities.

first prev0next

About|Login

Hasty Briefsbeta

NYT and Vaping: How to Lie by Saying Only True Things

SQL patterns I use to catch transaction fraud

Ploopy Bean: a trackpoint for every computer

Why they stopped building wooden stupas: on survivorship bias in history

ArXiv to Ban Researchers for a Year If They Submit AI Slop

Ink/Stitch

Use Your ChatGPT Subscription in Zed

Jank now has its own custom IR

OpenAI Models in OpenClaw, Done Right

Mustela – A static site generator born from forensic family analysis

Is China using fentanyl as a weapon against the United States?

I broke AppLovin's mediation cipher protocol

Show HN: Epiq – Distributed Git based issue tracker TUI

Additive Blending on the Nintendo 64

Datacenters slurping juice help drive 75% jump in PJM power prices

Google tests 5 GB cap for users who skip phone numbers

New Nightmare Just Dropped: '3D' Animated Ads on Trucks in Traffic

ESP-EEG is an affordable 8-channel biosensing board

The main thing about P2P meth is that there's so much of it (2022)