Top Stories

Valve releases Steam Controller CAD files under Creative Commons license

1468 points · digitalfoundry.net

Valve has dropped the full mechanical CAD package for the original Steam Controller into the public domain under a Creative Commons license, a quietly seismic move for an industry where peripheral makers guard hardware IP jealously. Hobbyists and open-hardware advocates are already mocking up 3D-printable shells, alternative input layouts, and accessibility variants that were impossible while the files lived in Valve’s repos.

The HN thread is half nostalgia for the Steam Controller’s haptic trackpads and half practical excitement: with the geometry now licensable, small manufacturers can build clones, replacement parts businesses, or wildly modified gamepads without legal risk. It’s also being read as a signal that Valve is leaning further into the open ecosystem mindset that made the Steam Deck such a darling.

Vibe coding and agentic engineering are getting closer than I’d like

624 points · simonwillison.net

Simon Willison argues the line between casual “vibe coding” — letting an LLM ship whatever it ships — and disciplined agentic engineering with tests, reviews, and guardrails has eroded faster than the industry has admitted. He worries that the same tooling now enables both, and that teams are silently importing the worst habits of the former into production codebases.

The 670+ comment thread is the conversation a lot of engineering leaders are having privately right now: where do you draw the line between letting an agent run autonomously and demanding human-reviewed PRs, and how do you keep junior engineers from skipping straight to “looks fine, ship it”? Willison’s framing — that vibe coding is fine for throwaway tools but corrosive for anything that has to be maintained — is being widely cited.

Google Cloud Fraud Defense, the next evolution of reCAPTCHA

315 points · cloud.google.com

Google is rebranding and restructuring reCAPTCHA into a broader Cloud Fraud Defense product, pitching it as an end-to-end risk engine for account takeover, payment fraud, and bot abuse rather than just a checkpoint on signup forms. The pitch leans heavily on signals already collected across Google’s ad and identity stack.

The HN reaction is sharply divided: ops and fraud teams are interested in the unified API surface, while privacy-leaning developers see this as Google formalizing a surveillance product they’ve been quietly running for a decade. Comments are also dissecting whether agentic AI traffic — increasingly indistinguishable from humans — finally breaks the reCAPTCHA model that this launch is meant to replace.

286 points · sqlite.org

The Library of Congress has formally added SQLite to its list of recommended formats for long-term archival storage of datasets, joining CSV and a small handful of others. Richard Hipp’s team is using the announcement to underscore SQLite’s commitments around backwards compatibility through 2050 and its single-file, self-contained database design.

For HN, this is a victory lap for an unusually disciplined open-source project — but the comments are also a useful primer on why archival institutions care so much about format stability, and why “just use Postgres” is a non-answer when your time horizon is a century.

From Supabase to Clerk to Better Auth

263 points · val.town

Val Town walks through migrating their authentication stack twice in eighteen months — Supabase to Clerk, then Clerk to Better Auth — and the post is brutally honest about the costs of each switch and the tradeoffs that drove them. The TL;DR is that hosted auth providers got expensive fast as the user base grew, and pulling auth back in-house with Better Auth gave them control over UX edge cases they’d been working around.

The 193-comment thread is mostly other founders comparing notes on auth-vendor lock-in, with strong opinions on Clerk’s pricing model and whether Better Auth (TypeScript-native, self-hosted) is mature enough to bet a startup on. It’s the kind of post that ends up on a lot of CTOs’ bookmarks.

Show HN: Tilde.run – Agent sandbox with a transactional, versioned filesystem

167 points · tilde.run

Tilde.run is positioning itself as the runtime layer agentic coding tools have been missing: a sandboxed execution environment with a copy-on-write, transactional filesystem so an agent’s experiments can be inspected, branched, and rolled back without polluting the host machine. Think Git for agent state, with proper isolation.

The reception in the 118-comment thread is enthusiastic from people who’ve been duct-taping Docker, snapshots, and worktrees together to get the same effect. The harder questions are around pricing, multi-tenancy isolation guarantees, and whether this becomes a standalone product or gets absorbed into the bigger agent platforms.

A Theory of Deep Learning

202 points · elonlit.com

A long, ambitious essay attempting to unify what we currently know about why deep networks generalize, why optimization works despite non-convexity, and why scaling laws look the way they do. The author leans on neural tangent kernels, mean-field analysis, and recent work on feature learning to sketch a coherent picture rather than the usual grab-bag of partial explanations.

HN’s response is typical for posts of this genre: applause from people who’ve been hungry for synthesis, sharp pushback from researchers who think the framing oversimplifies, and a lot of useful pointer-citations in the comments. Worth bookmarking if you’ve ever felt that “deep learning works, we just don’t know why” is no longer an acceptable answer.

Learning the Integral of a Diffusion Model

140 points · sander.ai

Sander Dieleman’s latest deep dive is on flow maps — the idea of training a model to predict not the next infinitesimal step of a diffusion process, but the integrated trajectory directly. The payoff is dramatic inference speedups: instead of dozens or hundreds of denoising steps, you can sample in one or a handful.

The post is technical but unusually clear, and the HN thread (heavy on ML researchers) treats it as one of the better explainers of why flow matching, consistency models, and rectified flow are converging on the same idea. Practical implication: image and video generation models keep getting cheaper to run by an order of magnitude every year or two.

Show HN: Hallucinopedia

237 points · halupedia.com

Hallucinopedia is exactly what it sounds like: an LLM-generated encyclopedia of things that don’t exist, presented with the deadpan authority of Wikipedia. It’s a pointed art project about how confidently models will fabricate when given the right prompt, and how convincing the fabrications can read on the surface.

The HN comments split between people delighted by the satire and people uneasy that it works this well — particularly given how much of the real web is now filling with similarly confident-but-wrong AI content. Several commenters note it’s a useful teaching tool for showing non-technical colleagues why “the AI said so” isn’t a citation.

Appearing productive in the workplace

1221 points · nooneshappy.com

A widely-shared essay on the rituals of looking busy — the calendar Tetris, the performative Slack activity, the strategic CC — and how remote work didn’t kill the practice so much as move it onto new surfaces. The author’s argument is that “appearing productive” has become its own job function, especially for knowledge workers whose actual output is hard to measure.

The 477-comment thread is one of those HN moments where commenters are clearly writing about their own current jobs. Threads on coding agents made it into the discussion fast: if AI does the work, what exactly is the human performing for?