Top HN Daily Digest · Sat, Jun 20, 2026

Loupe is a privacy-focused iOS app that demonstrates how native apps use public APIs to collect device data and create unique fingerprints for tracking users without their explicit consent. [src]

Users expressed alarm over the granular data native iOS apps can access for fingerprinting, specifically citing the "volume creation date" and pasteboard change counts as particularly egregious leaks [0][4]. While some argue these metrics serve functional purposes like buffer management, others contend that Apple’s primary defense is a Terms of Service requirement for disclosure rather than robust technical prevention [5][9]. Consequently, many participants advocate for minimizing app installations in favor of web browsers, despite the increasing friction and "nagging" encountered on mobile web interfaces [1][6][7].

The UK government is considering age-restricting VPN use to prevent children from bypassing a proposed under-16 social media ban, with a formal statement on the matter expected in July. [src]

The UK government's consideration of "age-gating" VPNs has sparked significant concern that "protecting children" is being used as a pretext for state surveillance and censorship, mirroring tactics used in authoritarian regimes [0][2][8]. While some argue that platforms have failed to protect minors from online harms and that some inconvenience is a necessary price for safety [9], critics contend that privacy is a fundamental human right and that the government is merely seeking "research" to confirm its own biases [1][5]. Skeptics also point out the technical futility of such bans, noting that users will likely adopt more advanced encryption and circumvention methods developed in more restrictive environments [6][7].

Powered by PolyCSS, cssQuake is a browser-based version of the classic 1996 first-person shooter that supports both single-player and multiplayer modes using the original shareware assets. [src]

While users praised the technical achievement of running Quake in CSS, many noted that it performs significantly worse on modern hardware than the original game did on 1990s-era Pentium processors [0][2]. This led to a debate over whether modern computational power should be able to overcome unoptimized engines, with some arguing that CSS is fundamentally the wrong tool for the task, likening it to trying to cook meatloaf in a toaster [1][3][4]. Technical issues were also highlighted, including the lack of sound, floating enemy glitches, and the difficulty of exiting the application [5][6][7][9].

Digital screens and standard lighting cannot reproduce many vibrant colors found in nature, such as the intense cyans and greens seen in deep water, tropical birds, and traffic lights, because these hues fall outside the limited sRGB and Display-P3 color gamuts. [src]

The sRGB color space is criticized for its inability to reproduce saturated orange, red, and purple tones frequently found in nature, such as in flowers and blood [0][5]. While the CIE 1931 diagram visually emphasizes missing blue-greens, commenters argue that human vision is more sensitive to the red-purple spectrum, making Display P3 a significant practical upgrade for modern monitors [0][2][5]. Beyond digital displays, users noted that physical media like acrylic paintings and monochromatic lasers provide a level of saturation and depth that current screen technology cannot replicate [8][9]. Additionally, the exclusion of deep reds (R9) in common LED lighting metrics further degrades the perceived quality of real-world colors and skin tones [3][7].

After six years of development and 360 patches, the Linux kernel has officially eliminated the strncpy API to improve security and prevent buffer overflows. [src]

The removal of `strncpy` sparked a debate over C’s fundamental design, with many users labeling null-terminated strings as one of computing's "biggest mistakes" compared to safer Pascal-style strings or length-prefixed buffers [0][3][6]. While some argue that null terminators are uniquely problematic and insecure, others point out that alternative structures like Pascal strings had brutal historical limitations and that sentinel values are a common, intentional pattern in C [4]. The discussion also touched on whether modern LLMs could have accelerated this six-year effort, though skeptics noted that the bottleneck likely involved complex architectural decisions rather than simple code replacement [7][8][9].

Marketing agency Qontour created an unauthorized website for John Koenig’s *The Dictionary of Obscure Sorrows*, plagiarizing the book's entire text and using AI-generated content to outrank the official site and monetize traffic through affiliate links. [src]

The rise of "AI laundering" is enabling the wholesale theft of software and literature, where original works are rebranded or rewritten by AI to bypass traditional detection [0][4]. While the DMCA was designed for these scenarios, users report that Google and Apple are often unresponsive to takedown requests from individuals, seemingly prioritizing large corporate lobbyists instead [1][5][7]. There is a sharp disagreement over the vulnerability of free software, with some arguing that "FOSS" invites theft and others maintaining that open-source status does not waive legal protections or the right to monetize [6][9]. Additionally, commenters warn against relying on AI tools like Claude for legal advice, noting that they often miss the practical leverage an author holds through statutory damages and settlement negotiations [2][3].

Finland’s public libraries have evolved into essential "inclusion infrastructure," offering free access to tools like sewing machines and 3D printers alongside traditional books to promote social equality, digital literacy, and democratic participation. [src]

While some users celebrate "Libraries of Things" for providing access to expensive equipment like synthesizers and sewing machines [4], others argue that such complex machinery is too difficult for novices to maintain and may lead to high repair costs for the library [0][7]. Critics contend that libraries should remain focused solely on books rather than evolving into community hobby centers or social service hubs [8], especially as some patrons report feeling unsafe due to the presence of unhoused populations [1]. Despite these concerns, the high library usage rates in Finland—where 55% of the population visits monthly—highlight a stark contrast to lower engagement levels in countries like the UK [9].

I am unable to summarize the story because the provided link is blocked by a security verification page, and the content consists only of a CAPTCHA warning. [src]

Slow breathing, particularly through prolonged exhalation, modulates the nervous system by increasing parasympathetic activation and signaling safety to the brain [0][1][4]. While some users find the resulting increase in risk-taking behavior counterintuitive, others argue that reducing fear allows for more confident engagement with rewards and high-stress activities like public speaking or combat sports [0][5][9]. While there is debate over whether this is a purely metabolic response to oxygen intake or a complex neurological signal [7][9], commenters expressed strong interest in using wearable technology or mindfulness to permanently shift their subconscious breathing patterns [2][6].

Microsoft's new Windows 11 Media Player is facing criticism for using 3.5 times more RAM than its predecessor while requiring paid extensions for HEVC playback and removing native support for AC-3 audio. [src]

The shift to a JavaScript-based frontend is cited as the likely cause for the 3.5x increase in RAM usage, a move some argue prioritizes developer convenience over user experience [0][1]. While critics view this bloat as a disrespectful waste of hardware resources [5][9], others contend that a few hundred megabytes is negligible compared to modern browser usage and is a fair trade-off for more frequent software updates [2][4][7]. Regarding codec charges, the removal of native HEVC support is attributed to rising licensing costs, leading many users to recommend alternatives like VLC or the K-Lite Codec Pack [0][3][6].

Developer Tim Wehrle successfully encoded a website's HTML content into the RGB pixel values of a 9x9 favicon image, using a small JavaScript bootstrap loader to decode and render the data back into a functional page. [src]

The discussion is heavily divided over the article's writing style, with many users criticizing its "staccato" and "3rd grade" flow as being characteristic of AI generation [0][2][7]. While some argue the presence of grammatical errors and informal language suggests a human author or a non-native English speaker [6][7], others point to AI-detection tools to substantiate claims that the text was heavily drafted by an LLM [9]. Technically, commenters suggested more efficient alternatives like storing markup directly in SVG favicons or utilizing the multiple resolutions allowed by the ICO format [1][8], though the author clarified they specifically wanted the payload to reside within actual pixel data [3].