Ask HN: Why can't we just make more RAM?
3 by chatmasta | 4 comments on Hacker News.
Is there some bottleneck in the supply chain, like rare earth metals or something, that’s limiting production throughput? Or do we simply have every factory already operating at max capacity, so scaling up supply will require building more of them? Is there some intuition we can apply to estimate how long it will take for supply to catch up to demand?
Hack Nux
Watch the number of websites hacked today tick up in real time, one by one, on a single page.
Show HN: I wrote my first neural network
2 by allenng | 0 comments on Hacker News.
I have been interested in neural nets since the '90s. I've done quite a bit of reading but never gotten around to writing code. I used Gemini in place of Wikipedia to fill in the gaps in my knowledge. The coolest part of this was learning about dual numbers: you can see in early commits that I did not yet know about auto-diff; I was thinking I'd have to integrate a CAS library or something. Now I'm off to play with TensorFlow.
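For anyone who hasn't met them: dual numbers are the trick behind forward-mode auto-diff. You carry a value and its derivative together and overload arithmetic so the chain rule applies itself. A minimal illustrative sketch (not code from the post):

```python
class Dual:
    """Dual number a + b*eps, where eps**2 == 0; `dot` tracks the derivative."""
    def __init__(self, val, dot=0.0):
        self.val, self.dot = val, dot

    def __add__(self, o):
        o = o if isinstance(o, Dual) else Dual(o)
        return Dual(self.val + o.val, self.dot + o.dot)

    __radd__ = __add__

    def __mul__(self, o):
        o = o if isinstance(o, Dual) else Dual(o)
        # product rule: (a + a'eps)(b + b'eps) = ab + (a'b + ab')eps
        return Dual(self.val * o.val, self.dot * o.val + self.val * o.dot)

    __rmul__ = __mul__

def derivative(f, x):
    """Evaluate f and f' at x in one pass by seeding dot = 1."""
    return f(Dual(x, 1.0)).dot

# d/dx (x**2 + 3x) at x = 2 is 2*2 + 3 = 7
print(derivative(lambda x: x * x + 3 * x, 2.0))  # → 7.0
```

No symbolic algebra or CAS needed: differentiation falls out of operator overloading alone.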
Show HN: EdgeWhisper – On-device voice-to-text for macOS (Voxtral 4B via MLX)
2 by raphaelmansuy | 1 comment on Hacker News.
I built a macOS voice dictation app where zero bytes of audio ever leave your machine. EdgeWhisper runs Voxtral Mini 4B Realtime (Mistral AI, Apache 2.0) locally on Apple Silicon via the MLX framework. Hold a key, speak, release — text appears at your cursor in whatever app has focus.

Architecture:
- Native Swift (SwiftUI + AppKit). No Electron.
- Voxtral 4B inference via MLX on the Neural Engine. ~3GB model, runs in ~2GB RAM on M1+.
- Dual text injection: AXUIElement (preserves undo stack) with NSPasteboard+CGEvent fallback.
- 6-stage post-processing pipeline: filler removal → dictionary → snippets → punctuation → capitalization → formatting.
- Sliding window KV cache for unlimited streaming without latency degradation.
- Configurable transcription delay (240ms–2.4s). Sweet spot at 480ms.

What it does well:
- Works in 20+ terminals/IDEs (VS Code, Xcode, iTerm2, Warp, JetBrains). Most dictation tools break in terminals — we detect them and switch injection strategy.
- Removes filler words automatically ("um", "uh", "like").
- 13 languages with auto-detection.
- Personal dictionary + snippet expansion with variable support (, ).
- Works fully offline after model download. No accounts, no telemetry, no analytics.

What it doesn't do (yet):
- No file/meeting transcription (coming)
- No translation (coming)
- No Linux/Windows (macOS only, Apple Silicon required)

Pricing: Free tier (5 min/day, no account needed). Pro at $7.99/mo or $79.99/yr.

I'd love feedback on:
1. Would local LLM post-processing (e.g., Phi-4-mini via MLX) for grammar/tone be worth the extra ~1GB RAM?
2. For developers using voice→code workflows: what context would you want passed to your editor?
3. Anyone else building on Voxtral Realtime? Curious about your experience with the causal audio encoder.
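The 6-stage post-processing pipeline described above is essentially a chain of pure text transforms. A rough sketch of the idea in Python (stage names are from the post; the implementations and sample dictionary/snippet entries are hypothetical stand-ins, not EdgeWhisper's actual code):

```python
import re

# Hypothetical stand-ins for the six stages named in the post.
FILLERS = {"um", "uh", "like"}
DICTIONARY = {"voxtral": "Voxtral"}          # personal dictionary (example entry)
SNIPPETS = {"sig": "Best regards, Raphael"}  # snippet expansion (example entry)

def remove_fillers(text):
    return " ".join(w for w in text.split() if w.lower().strip(",.") not in FILLERS)

def apply_dictionary(text):
    return " ".join(DICTIONARY.get(w.lower(), w) for w in text.split())

def expand_snippets(text):
    return " ".join(SNIPPETS.get(w, w) for w in text.split())

def punctuate(text):
    return text if text.endswith((".", "?", "!")) else text + "."

def capitalize(text):
    return text[:1].upper() + text[1:] if text else text

def format_text(text):
    return re.sub(r"\s+", " ", text).strip()

# Stages run in the order the post lists them.
PIPELINE = [remove_fillers, apply_dictionary, expand_snippets,
            punctuate, capitalize, format_text]

def post_process(text):
    for stage in PIPELINE:
        text = stage(text)
    return text

print(post_process("um so voxtral runs   locally"))  # → "So Voxtral runs locally."
```

Structuring it as an ordered list of functions makes each stage independently testable and easy to toggle per user preference.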
Generate tests from GitHub pull requests
3 by Aamir21 | 0 comments on Hacker News.
I’ve been experimenting with something interesting. AI coding tools generate code very quickly, but they almost never generate full end-to-end test coverage. They create a ton of tests, mostly unit and integration, but real user scenarios are missing. In many repos we looked at, the ratio of new code to high-quality e2e tests dropped dramatically once teams started using Copilot-style tools, or e2e testing was simply left for testers as a separate job.

So I tried a different approach. The system reads a pull request and:
• analyzes changed files
• identifies uncovered logic paths using a dependency graph (one repo or multi-repo)
• understands the context via a user story or requirements (given as a comment in the PR)
• generates test scenarios
• produces e2e automated tests tied to the PR

In addition, if a user connects their CMS or TMS, that can be pulled in as well. (Internally I use GraphRAG, but that is for another post.)

Example workflow:
1. Push a PR
2. System reads the diff + linked Jira ticket
3. Generates missing tests and a coverage report

In early experiments the system consistently found edge cases that developers missed. Example output:

Code Reference | Requirement ID | Requirement / Acceptance Criteria | Test Type | Test ID | Test Description | Status
src/api/auth.js:45-78 | GITHUB-234 / JIRA-API-102 | API should return 400 for invalid token | Integration | IT-01 | Validate response for invalid token | Pass

Curious how others are thinking about this kind of traceability. I am a developer too, so I am sensitive about visibility: the report is shown only to the developer, and only the developer can make it visible to other folks; otherwise they can just quietly take the corrective action.
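Step 2 of the workflow above (reading the diff to find what changed) can be sketched with a small unified-diff parser. This is just an illustration of the idea, not the author's system; the file headers and hunk markers follow standard `git diff` output:

```python
import re

def changed_lines(diff_text):
    """Map each changed file to the new-file line ranges touched by the diff.

    Parses standard unified-diff output: '+++ b/<path>' file headers and
    '@@ -a,b +c,d @@' hunk markers.
    """
    changes, current = {}, None
    for line in diff_text.splitlines():
        m = re.match(r"\+\+\+ b/(.+)", line)
        if m:
            current = m.group(1)
            changes[current] = []
            continue
        m = re.match(r"@@ -\d+(?:,\d+)? \+(\d+)(?:,(\d+))? @@", line)
        if m and current:
            start = int(m.group(1))
            count = int(m.group(2) or 1)  # omitted count means a single line
            changes[current].append((start, start + count - 1))
    return changes

diff = """\
--- a/src/api/auth.js
+++ b/src/api/auth.js
@@ -40,5 +45,34 @@
"""
print(changed_lines(diff))  # {'src/api/auth.js': [(45, 78)]}
```

Those (file, line-range) pairs are what you would then cross-reference against the dependency graph and existing test coverage, as in the `src/api/auth.js:45-78` row of the example output.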
Enabling Media Router by default undermines Brave's privacy claims
2 by noguff | 0 comments on Hacker News.
So, Brave now enables Casting by default on desktop — and does so silently, without explicit notification or consent after an update? What fresh hell is this? A browser that markets itself as privacy‑first should not be turning on a network discovery feature by default as if it were a trivial setting. If the Brave team’s operational goal is to expand the browser’s attack surface (more than they already have), they’ve made a strong start. Forcing users to manually opt out of Media Router to protect their systems and data directly contradicts the principle of “privacy by default.” This is exactly the kind of behavior many users left Chrome to avoid.

Media Router is not a harmless convenience toggle. Under the hood, it relies on automatic device discovery protocols such as SSDP and UPnP on the local network. That means the browser is actively participating in multicast discovery traffic and probing for devices that advertise casting endpoints. Enabling this behavior by default alters the browser’s network footprint and introduces additional code paths and interactions that would otherwise not exist.

Any feature that performs automated device discovery should be treated as a security‑sensitive capability. SSDP has a long history of being abused in poorly configured environments, and expanding the browser’s participation in that ecosystem increases the potential attack surface. At a minimum, it amplifies observable network activity and exposes extra logic that can be triggered by devices on the local network.

Quietly turning this on without user knowledge or explanation is the opposite of responsible security design. Users were not warned, not asked, and not given any transparency about what the feature does or which protocols it uses. That is not what “privacy by default” looks like. If Brave wants its privacy claims to remain credible, this needs to change. Apparently Brave’s privacy branding is negotiable when convenience features are involved. Quietly enabling network discovery features in the background is exactly the sort of practice Brave claims to stand against.
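For anyone unfamiliar with the traffic involved: SSDP discovery is a multicast UDP probe that every device on the LAN can see and answer. A minimal sketch of what such a probe looks like, following the standard SSDP M-SEARCH format from the UPnP spec (this is a generic illustration, not Brave's actual implementation):

```python
import socket

# SSDP discovery uses a well-known multicast address and port.
SSDP_ADDR, SSDP_PORT = "239.255.255.250", 1900

def build_msearch(search_target="ssdp:all", mx=2):
    """Build a standard SSDP M-SEARCH request; every device on the LAN
    listening on 239.255.255.250:1900 sees this probe."""
    return (
        "M-SEARCH * HTTP/1.1\r\n"
        f"HOST: {SSDP_ADDR}:{SSDP_PORT}\r\n"
        'MAN: "ssdp:discover"\r\n'
        f"MX: {mx}\r\n"
        f"ST: {search_target}\r\n"
        "\r\n"
    )

def discover(timeout=2.0):
    """Send the probe and collect unicast responses from advertising devices."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP)
    sock.settimeout(timeout)
    sock.sendto(build_msearch().encode(), (SSDP_ADDR, SSDP_PORT))
    responders = []
    try:
        while True:
            data, addr = sock.recvfrom(65507)
            responders.append((addr[0], data.decode(errors="replace").splitlines()[0]))
    except socket.timeout:
        pass
    return responders

if __name__ == "__main__":
    for ip, status in discover():
        print(ip, status)
```

The point is not that this code is sinister; it is that a browser doing the equivalent by default is announcing itself to, and accepting responses from, every device on the local network.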
Show HN: Slop or not – can you tell AI writing from human in everyday contexts?
11 by eigen-vector | 14 comments on Hacker News.
I’ve been building a crowd-sourced AI detection benchmark. Two responses to the same prompt — one from a real human (pre-2022, provably predating the flood of AI slop on the internet), one generated by AI. You pick the slop. Three wrong and you’re out.

The dataset: 16K human posts from Reddit, Hacker News, and Yelp, each paired with AI generations from 6 models across two providers (Anthropic and OpenAI) at three capability tiers. Same prompt, length-matched, no adversarial coaching — just the model’s natural voice with platform context. Every vote is logged with model, tier, source, response time, and position.

Early findings from testing: Reddit posts are easy to spot (humans are too casual for AI to mimic); HN is significantly harder. I'll release the full dataset on HuggingFace, and I'll publish a paper if I can get enough data via this crowdsourced study. If you play the HN-only mode, you’re helping calibrate how detectable AI is here specifically. Would love feedback on the pairs — are any trivially obvious? Are some genuinely hard?
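The logging scheme described (model, tier, source, response time, position) maps naturally to one flat record per vote, which is what makes per-model and per-platform detectability analysis possible later. A hypothetical sketch of such a record (field names and model labels are my guesses, not the benchmark's actual schema):

```python
from dataclasses import dataclass, asdict
import json

@dataclass
class Vote:
    """One crowd-sourced judgment in the two-alternative forced choice.
    Field names are illustrative, not the benchmark's actual schema."""
    pair_id: str
    model: str          # generating model, e.g. "claude-sonnet" (hypothetical label)
    tier: str           # capability tier of the generating model
    source: str         # "reddit" | "hn" | "yelp"
    position: int       # 0 if the AI text was shown first, 1 if second
    response_ms: int    # how long the player took to decide
    picked_ai: bool     # True if the player correctly picked the AI response

def accuracy(votes):
    """Share of votes that correctly identified the AI response."""
    return sum(v.picked_ai for v in votes) / len(votes)

votes = [
    Vote("p1", "claude-sonnet", "mid", "hn", 0, 5400, True),
    Vote("p2", "gpt-4o", "high", "reddit", 1, 2100, True),
    Vote("p3", "claude-sonnet", "mid", "hn", 1, 8900, False),
]
print(json.dumps(asdict(votes[0])))
print(accuracy(votes))  # 2 of 3 correct → 0.666...
```

Logging position alongside correctness is the detail that lets you later rule out order bias (people guessing "the second one" more often) as a confound.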