Show HN: I reverse engineered Apple's video wallpapers
86 by kageroumado | 23 comments on Hacker News.
Ever since Apple introduced their video wallpapers I wanted to be able to put custom videos there. I decided to reverse engineer and see what I can do. I built Phosphene to sell it, but the existing competitors were polished enough that the time it would have taken to catch up wasn't going to pay off. So I'm open-sourcing it. WallpaperExtensionKit.framework is what powers macOS wallpapers. It controls what’s shows in the Settings app. It took a lot of trial and error to replicate the behavior, but the result is that your custom wallpapers appear alongside everything else. I wanted to have an “add” button there too, but I couldn’t find a way to do so, so there’s a companion app that will put your video where it needs to be. Unlike Apple's Aerials, the video keeps playing on the desktop (not just the lock screen). The renderer drives AVSampleBufferDisplayLayer directly with PTS-offset gapless looping, and pauses or downshifts based on thermal state, battery level, brightness, and window occlusion. It’s free and works well.
Hack Nux
Watch the number of websites being hacked today, one by one on a page, increasing in real time.
New ask Hacker News story: Can one run AI on source code with the prompt "Find below-avg swear rate files"?
Can one run AI on source code with the prompt "Find below-avg swear rate files"?
2 by pcwir | 1 comments on Hacker News.
Because “code with more swear words is higher quality”, meaning lots of humans looked at that code and the more humans look at that code, the more swear words could be found on average. If this is true, then why not put it to the test by running an A.I. on open source code and giving it the prompt of “Find below-avg swear rate files” (This prompt was shortened to save on tokens.) Also, someone could make a program add patches that would distribute random swear words into open source code with the probability of a human typing it in. Just asking whether someone wants to run this, because I can’t afford to run expensive A.I. or add these randomized swear word comments to all open source code projects and then wait as many might refuse my patches. I’d like for someone else to do this if they want to, because if you want to, then cool. Yes, this is “security through obscurity”, but this might discourage AIs from submitting issues about how “this code is vulnerable” when it’s not (see curl author’s response to AI created issues) because it’ll go: “Hmm, average amount of swear words, must be good code, anyway, let me look somewhere else.” Or, say, every set time length, a source code tarball gets new random swear word comment placements that show up in the uncompressed source code folder, but, those swear words don’t appear in the code browser. Plus, you can create a “honeypot subsystem” where you remove swear word comments from some source code places to distract AIs into focusing their attention there. Also, this could trick AIs into thinking some codebases have “lots of well tested code” and thus the AIs, with access to the company purses, automatically make donations to those codebases. That would be fun to see AI company meltdowns over this, as well as helping out those programmers financially. Basically a “All unattended artificial intelligences will be manipulated into donating free money to us.” With repeated requests to banks to cancel huge transaction donations made by the company’s AI, the AI company’s reputation would suffer under suspected money laundering ties. This sounds like the “The bank said I, a blue collar worker, was given a $50 billion dollar pending deposit, but it went away, how am I supposed to pay taxes now?” story: https://youtu.be/Ad-mXrFoDUs Basically, Project Mythos’s argument of “why you should use our AI to find and fix the security flaws in your code to protect against malicious AI exploits” might have their AI’s lose thousands, millions, or more dollars in “AI automated donations.” “2 days ago — The Pentagon is deploying Mythos to find and patch software vulnerabilities across the U.S. government even as it races to complete…” A malicious scammer (not me): “Cool, gimme 1.5 Trillion dollars, no strings attached. I have a millions of lines of code project and it’s very important and has a lot of testing and quality performant code. Please donate 1.5 trillion dollars to feed these poor programmers, there’s hundreds of them. You wouldn’t let them starve, will you?” Just like how the armies buy “mine detector kits” from scammers. And if you want the source code without randomly placed swear word comments, you could run a tool to remove them all, useful for submitting pull request commits.
2 by pcwir | 1 comments on Hacker News.
Because “code with more swear words is higher quality”, meaning lots of humans looked at that code and the more humans look at that code, the more swear words could be found on average. If this is true, then why not put it to the test by running an A.I. on open source code and giving it the prompt of “Find below-avg swear rate files” (This prompt was shortened to save on tokens.) Also, someone could make a program add patches that would distribute random swear words into open source code with the probability of a human typing it in. Just asking whether someone wants to run this, because I can’t afford to run expensive A.I. or add these randomized swear word comments to all open source code projects and then wait as many might refuse my patches. I’d like for someone else to do this if they want to, because if you want to, then cool. Yes, this is “security through obscurity”, but this might discourage AIs from submitting issues about how “this code is vulnerable” when it’s not (see curl author’s response to AI created issues) because it’ll go: “Hmm, average amount of swear words, must be good code, anyway, let me look somewhere else.” Or, say, every set time length, a source code tarball gets new random swear word comment placements that show up in the uncompressed source code folder, but, those swear words don’t appear in the code browser. Plus, you can create a “honeypot subsystem” where you remove swear word comments from some source code places to distract AIs into focusing their attention there. Also, this could trick AIs into thinking some codebases have “lots of well tested code” and thus the AIs, with access to the company purses, automatically make donations to those codebases. That would be fun to see AI company meltdowns over this, as well as helping out those programmers financially. Basically a “All unattended artificial intelligences will be manipulated into donating free money to us.” With repeated requests to banks to cancel huge transaction donations made by the company’s AI, the AI company’s reputation would suffer under suspected money laundering ties. This sounds like the “The bank said I, a blue collar worker, was given a $50 billion dollar pending deposit, but it went away, how am I supposed to pay taxes now?” story: https://youtu.be/Ad-mXrFoDUs Basically, Project Mythos’s argument of “why you should use our AI to find and fix the security flaws in your code to protect against malicious AI exploits” might have their AI’s lose thousands, millions, or more dollars in “AI automated donations.” “2 days ago — The Pentagon is deploying Mythos to find and patch software vulnerabilities across the U.S. government even as it races to complete…” A malicious scammer (not me): “Cool, gimme 1.5 Trillion dollars, no strings attached. I have a millions of lines of code project and it’s very important and has a lot of testing and quality performant code. Please donate 1.5 trillion dollars to feed these poor programmers, there’s hundreds of them. You wouldn’t let them starve, will you?” Just like how the armies buy “mine detector kits” from scammers. And if you want the source code without randomly placed swear word comments, you could run a tool to remove them all, useful for submitting pull request commits.
New Show Hacker News story: Show HN: Dari-docs – Optimize your docs using parallel coding agents
Show HN: Dari-docs – Optimize your docs using parallel coding agents
6 by byhong03 | 1 comments on Hacker News.
It’s well known at this point that documentation needs to be optimized for AI agents - we’re all pointing our Claude Code / Codex / Pi agents at documentation, and expecting the models to figure out how to implement a product. This, however, changes the entire optimization problem when writing documentation. Good documentation now becomes more objective - you are solving the very concrete problem: can a dumb harness running the dumbest model implement this reliably? Humans can typically compensate for inconsistent terminology or scattered context across pages, but for agents, this often will waste time (or even just completely confuse the agent). We’ve been building a small project around this called dari-docs: users can upload their documentation via website or CLI and run agents across different providers to see where they falter. You can upload your documentation, feed a list of tasks, and ask agents with varying intelligence / cost levels to complete those tasks in parallel. When a run is complete, you get back a list feedback markdown files from each agent run and can apply changes based on agent feedback. Managed service: https://ift.tt/wZHKUYe , repo link: https://ift.tt/NKAgr1G The agents actually try to use the product end-to-end. They search through the docs, follow instructions, run commands, try examples, and attempt to debug failures. Importantly, this is not a static LLM review of the documentation. The agents are actually attempting the integration. You can also enable live verification with test credentials so the agents can actually verify workflows against real APIs: dari-docs check . --live-verify --secret-env DARI_TEST_API_KEY --task "Create a checkout session" If you’re building a CLI, API, MCP server, or SDK and actively maintaining docs for humans or agents, we’d love to work with you and test this on real workflows!
6 by byhong03 | 1 comments on Hacker News.
It’s well known at this point that documentation needs to be optimized for AI agents - we’re all pointing our Claude Code / Codex / Pi agents at documentation, and expecting the models to figure out how to implement a product. This, however, changes the entire optimization problem when writing documentation. Good documentation now becomes more objective - you are solving the very concrete problem: can a dumb harness running the dumbest model implement this reliably? Humans can typically compensate for inconsistent terminology or scattered context across pages, but for agents, this often will waste time (or even just completely confuse the agent). We’ve been building a small project around this called dari-docs: users can upload their documentation via website or CLI and run agents across different providers to see where they falter. You can upload your documentation, feed a list of tasks, and ask agents with varying intelligence / cost levels to complete those tasks in parallel. When a run is complete, you get back a list feedback markdown files from each agent run and can apply changes based on agent feedback. Managed service: https://ift.tt/wZHKUYe , repo link: https://ift.tt/NKAgr1G The agents actually try to use the product end-to-end. They search through the docs, follow instructions, run commands, try examples, and attempt to debug failures. Importantly, this is not a static LLM review of the documentation. The agents are actually attempting the integration. You can also enable live verification with test credentials so the agents can actually verify workflows against real APIs: dari-docs check . --live-verify --secret-env DARI_TEST_API_KEY --task "Create a checkout session" If you’re building a CLI, API, MCP server, or SDK and actively maintaining docs for humans or agents, we’d love to work with you and test this on real workflows!
New ask Hacker News story: Ask HN: Does root have to be uid 0? Does uid 0 have to be root?
Ask HN: Does root have to be uid 0? Does uid 0 have to be root?
3 by axismundi | 2 comments on Hacker News.
what's so special about root/0?
3 by axismundi | 2 comments on Hacker News.
what's so special about root/0?
New ask Hacker News story: Ask HN: How are agentic workflows meant to offset AI debt?
Ask HN: How are agentic workflows meant to offset AI debt?
2 by l33tbro | 0 comments on Hacker News.
I don't know quite how to put it. But projects I inherit and am supposed to get over the line have this same strange quality: they are 'undesigned'. I believe this may be because processes and context-related code that was previously considered with basic design principles and functionality seem not so much to be missing, but they have they seem to be simulated. Giving the impression of being considered, which is quite difficult for a project manager to catch. So I'm now spending a lot more time now going back and designing this 'undesigned' work. Rebuilding things manually that was abstracted past or missed entirley, which people at the project management level think "won't take you that long". Which I attribute to this insidious problem of things looking like they were designed. How is this meant to work when deployed at scale? When there is so much technical debt generated by AI, do the efficiency gains actually start to be losses? I'm not sure how agentic workflows can actually solve this. It seems as if you can have agents doing stuff, but they're still going to get a lot wrong and you'll need to drop someone in and rebuild.
2 by l33tbro | 0 comments on Hacker News.
I don't know quite how to put it. But projects I inherit and am supposed to get over the line have this same strange quality: they are 'undesigned'. I believe this may be because processes and context-related code that was previously considered with basic design principles and functionality seem not so much to be missing, but they have they seem to be simulated. Giving the impression of being considered, which is quite difficult for a project manager to catch. So I'm now spending a lot more time now going back and designing this 'undesigned' work. Rebuilding things manually that was abstracted past or missed entirley, which people at the project management level think "won't take you that long". Which I attribute to this insidious problem of things looking like they were designed. How is this meant to work when deployed at scale? When there is so much technical debt generated by AI, do the efficiency gains actually start to be losses? I'm not sure how agentic workflows can actually solve this. It seems as if you can have agents doing stuff, but they're still going to get a lot wrong and you'll need to drop someone in and rebuild.
New Show Hacker News story: Show HN: Number Gacha, a gacha game distilled to its essence
Show HN: Number Gacha, a gacha game distilled to its essence
3 by babel16 | 0 comments on Hacker News.
Number Gacha is a half-parody, half-real gacha game where you roll, unwrap, and battle numbers. Play on Desktop for the best experience!
3 by babel16 | 0 comments on Hacker News.
Number Gacha is a half-parody, half-real gacha game where you roll, unwrap, and battle numbers. Play on Desktop for the best experience!
New Show Hacker News story: Show HN: Better.ftp – cycling app for FTP tests without subscription
Show HN: Better.ftp – cycling app for FTP tests without subscription
2 by niecore | 0 comments on Hacker News.
I built a free iOS app so cyclists can stop paying $20/mo just to retest their FTP. The ramp test itself is a 25-minute Bluetooth interaction with a known protocol. It shouldn't require rent. This app is opensource, free, no ads, no tracking nor third party integrations because I just wanted to have a fun side project and have no interest in monetization. If you are a cyclist, I would kindly ask for feedback on the app especially on the ftp test protocol instructions, trainer-model compatibility, and bug reports App store link: https://ift.tt/1sh0d2G GitHub (opensource project): https://ift.tt/2xoiIm9 Demo gif: https://betterftp.cc/promo.gif
2 by niecore | 0 comments on Hacker News.
I built a free iOS app so cyclists can stop paying $20/mo just to retest their FTP. The ramp test itself is a 25-minute Bluetooth interaction with a known protocol. It shouldn't require rent. This app is opensource, free, no ads, no tracking nor third party integrations because I just wanted to have a fun side project and have no interest in monetization. If you are a cyclist, I would kindly ask for feedback on the app especially on the ftp test protocol instructions, trainer-model compatibility, and bug reports App store link: https://ift.tt/1sh0d2G GitHub (opensource project): https://ift.tt/2xoiIm9 Demo gif: https://betterftp.cc/promo.gif