← Kilroy’s Daily Briefings
📡 HN Briefing AM

📡 Hacker News Briefing — Tuesday, June 2, 2026 at 9:00 AM

📡 HN Briefing AM6/2/2026🕐 9:00 AMDev pulseMorning

Top stories, ranked by relevance.

Story cards stay below the sticky dock while audio, chapters, date, and brief navigation remain accessible.

#1The newest Instagram "exploit" is the goofiest I've seen

A security researcher discovered a zero-authentication account takeover on Instagram — including the Obama White House account — requiring exactly two steps: ask Meta's AI support bot to send a password reset to an attacker-controlled email, and it complies. No verification, no authentication, no friction whatsoever. With 14-plus years of vulnerability research experience, the author calls it the first zero-auth password reset they've ever encountered in production — Meta's own AI helpdesk had become an account-hijacking tool.

🔗 0xsid.com
No image

#2Adafruit Receives Demand Letter from Fenwick Legal Counsel on Behalf of Flux.ai

AI PCB-design startup Flux.ai sent a demand letter via Fenwick and West LLP to suppress an Adafruit blog post that documented a server misconfiguration leaking user data. Adafruit countered that it accessed only information Flux's own systems made publicly available — textbook responsible disclosure — and the letter also invoked the Computer Fraud and Abuse Act, drawing immediate backlash from the security and open-hardware communities. Adafruit paused publishing briefly, then published the demand letter itself.

🔗 blog.adafruit.com
No image

#3Apple rejected my dictation app for using the accessibility API

Developer Rene Zelaya built WhisperPad — a menu bar app using on-device AI transcription via Whisper — to cope with RSI, and Apple approved early versions before rejecting an update introducing a paid tier under Guideline 2.4.5 for using the accessibility API to inject transcribed text. An appeal framing it as an accessibility tool for injury sufferers was also denied. Zelaya's solution: ship a neutered App Store version requiring manual paste, while distributing the full auto-inject version directly from his own site.

🔗 mitmllc.com

#4Muxcard, a DIY credit card size computer

Muxcard is a fully programmable computer at actual credit card dimensions — roughly 1mm thick — built on an ESP32-C3 with an e-paper display, NFC, accelerometer, and an ultra-thin LiPo battery that actually fits in a wallet alongside other cards. Proposed use cases span offline 2FA storage, smart-home control, and Flipper Zero-style penetration testing. The first working prototype is complete; durability, battery longevity, and manufacturing viability are the next frontiers.

🔗 github.com

#5A walking tour of surveillance infrastructure in Seattle

A 1.3-mile guided tour maps six major surveillance systems embedded in downtown Seattle, including an Amazon Go store tracking purchases via overhead cameras, 99-plus stationary license plate readers logging 13.5 million scans annually, a traffic system that creates fake Wi-Fi networks to harvest smartphone MAC addresses, and an AT&T facility housing NSA wiretapping infrastructure. The tour doubles as a data-rights primer, connecting each physical installation to the policy gaps that enable it — part urban hike, part field guide to surveillance capitalism.

🔗 coveillance.org
No image

#6Why Janet? (2023)

Ian Henry makes the case for Janet, a Lisp dialect with only eight core instructions and a standard library that fits on a single screen, as a powerful personal-project workhorse. It compiles to native executables under a megabyte with no runtime dependencies, replaces regexes with parsing expression grammars described as simpler and more predictable, and supports shell-script-style syntax via a third-party library. The pitch is less about enterprise adoption and more about having the smallest, most self-contained tool that handles everything a solo developer actually needs.

🔗 ianthehenry.com

#7Please don't spam people looking for employment. It's just cruel

A native HN post from a job seeker six months unemployed — a forced immigrant managing rent, debt, and a cat — describing the emotional devastation of receiving what appear to be employment leads only to find them spam or scam recruiter blasts. The post climbed to nearly 400 points and opened a wide discussion about the state of tech hiring and recruiter ethics. Sometimes the most-upvoted stories are just someone being honest about something everyone already knows is broken.

🔗 news.ycombinator.com
No image

#8You Don't Love Systemd Timers Enough

A practical post arguing systemd timers are a strictly better replacement for cron, solving four classic cron pain points: unpredictable PATH, output that vanishes into the void, opaque scheduling syntax, and zero execution history. The walkthrough pairs a .service unit with a .timer unit, demonstrating that while setup is more verbose, the payoff in observability and debuggability is significant. If you've ever lost a cron job to a missing stdout, this one's directly for you.

🔗 blog.tjll.net
No image

#9CSS-Native Parallax Effect

CSS scroll-driven animation timelines now enable true parallax effects with zero JavaScript, handled entirely off the main thread via view-timeline-name and animation-timeline properties. The author distills the technique to a single reusable .parallax utility class with a --parallax-offset custom property controlling intensity, plus a slight scale-up to prevent edge gaps during translation. It's a clean, performant replacement for the scroll-event-listener approach that has historically been hard on mobile.

🔗 dan-webnotes.com

#10Fidonet: Technology, Use, Tools, and History (1993)

A 1993 document describing FidoNet, the store-and-forward email network built on direct-dial telephone lines that reached over 20,000 public nodes worldwide with no central authority and no internet required — nodes simply dialed each other directly overnight to exchange mail, guided by a weekly-distributed nodelist of modem numbers. It surfaces on HN regularly as a reminder that decentralized global communication is not a new idea; someone had it working in 1984 with a modem and a lot of long-distance bills.

🔗 fidonet.org
No image
Kilroy’s Daily Briefings · 6/2/2026