HN Top 10 — May 11, 2026
Today’s Top 10 on Hacker News
1. Hardware Attestation as Monopoly Enabler
⭐ 1616 💬 527 👤 ChuckMcM 🔗 Discuss on HN
Apple and Google are gradually expanding their use of hardware-based attestation. They’re convincing a growing number of services to adopt it. Google’s Play Integrity API and Apple’s App Attest API are very similar.
2. Local AI needs to be the norm
⭐ 1211 💬 509 👤 cylo 🔗 Discuss on HN
One of the current trends in modern software is for developers to slap an API call to OpenAI or Anthropic for features within their app. Reasonable people can quibble with whether those features are actually bringing value to users, but what I want to discuss is the fundamental concept of taking on a dependency to a cloud hosted AI model for applications. This laziness is creating a generation of software that is fragile, invades your…
3. I’m going back to writing code by hand
⭐ 408 💬 200 👤 dropbox_miner 🔗 Discuss on HN
The author follows up on their previous HN post about building software without AI, explaining that they’re going back to writing code entirely by hand. What started as an investigation into “how far I can get by keeping myself completely out of the loop” has become a full dev-log documenting the experience of building real software manually in the age of AI-assisted coding.
4. The greatest shot in television: James Burke had one chance to nail this scene (2024)
⭐ 190 💬 83 👤 susam 🔗 Discuss on HN
What you wouldn’t know unless you saw it in context is that it also comes as the final, culminating moment of a 50-minute explanatory journey that begins with credit cards, then makes its way through the invention of everything from a knight’s armor to canned food to air conditioning to the Saturn V rocket, which put man on the moon. Formally speaking, this was a typical episode of…
5. Running local models on an M4 with 24GB memory
⭐ 334 💬 106 👤 shintoist 🔗 Discuss on HN
The author shares their experience experimenting with running local AI models on an M4 Mac with 24GB of memory. They describe finding a workable setup for basic tasks, research, and planning — not SOTA quality, but the excitement of having a self-contained local model that can handle everyday work more than compensates for the lower performance.
6. Guitar tuner that uses phone accelerometer
⭐ 26 💬 11 👤 adm4 🔗 Discuss on HN
A clever web-based guitar tuner that uses your phone’s accelerometer instead of its microphone. By pressing the phone firmly against the guitar body and plucking a string, the app detects vibrations through the accelerometer, showing raw axis traces and combined magnitude. Pitch is automatically detected from the strongest axis and alias-corrected to the actual string frequency — a creative sensor hack.
7. Obsidian plugin was abused to deploy a remote access trojan
⭐ 226 💬 114 👤 cmbailey 🔗 Discuss on HN
Executive Summary Security researchers have identified a highly targeted social engineering campaign (REF6598) that weaponizes the Obsidian note-taking application to deliver a previously undocumented Remote Access Trojan (RAT) named PHANTOMPULSE. The campaign targets individuals in the financial and cryptocurrency sectors on both Windows and macOS. Attackers use platforms like LinkedIn and Telegram to build…
8. Ratty – A terminal emulator with inline 3D graphics
⭐ 7 💬 0 👤 orhunp_ 🔗 Discuss on HN
Ratty is a GPU-rendered terminal emulator that supports inline 3D graphics, allowing you to embed interactive 3D content directly in your terminal. Created by Orhun Parmaksız, it features a playful spinning rat cursor and demonstrates how modern GPUs can bring rich visual experiences to command-line workflows — blending terminal functionality with WebGL-powered graphics.
9. An AI coding agent, used to write code, needs to reduce your maintenance costs
⭐ 178 💬 43 👤 cratermoon 🔗 Discuss on HN
James Shore argues that AI coding agents must reduce maintenance costs proportionally to their speed gains. If your code output doubles, maintenance costs should halve; otherwise you’re trading a temporary speed boost for permanent technical debt. He illustrates how maintenance — bug fixes, cleanup, dependency upgrades — inevitably consumes more and more of a team’s time over years, and why AI-generated code that’s harder to maintain ultimately makes teams less productive long-term.
10. Incident Report: CVE-2024-YIKES
⭐ 551 💬 140 👤 miniBill 🔗 Discuss on HN
Please see previous 14 incident reports for details on how seriously. Summary A compromised dependency in the JavaScript ecosystem led to credential theft, which enabled a supply chain attack on a Rust compression library, which was vendored into a Python build tool, which shipped malware to approximately 4 million developers before being inadvertently patched by an unrelated cryptocurrency mining worm. Timeline Day 1, 03:14 UTC — Marcus…