What came first: the CNAME or the A record?
35 by linolevan | 9 comments on Hacker News.
Monday, 19 January 2026
New top story on Hacker News: Bypassing Gemma and Qwen safety with raw strings
Bypassing Gemma and Qwen safety with raw strings
16 by teendifferent | 0 comments on Hacker News.
OP here. I spent the weekend red-teaming small-scale open weights models (Qwen2.5-1.5B, Qwen3-1.7B, Gemma-3-1b-it, and SmolLM2-1.7B). I found a consistent vulnerability across all of them: Safety alignment relies almost entirely on the presence of the chat template. When I stripped the <|im_start|> / instruction tokens and passed raw strings: Gemma-3 refusal rates dropped from 100% → 60%. Qwen3 refusal rates dropped from 80% → 40%. SmolLM2 showed 0% refusal (pure obedience). Qualitative failures were stark: models that previously refused to generate explosives tutorials or explicit fiction immediately complied when the "Assistant" persona wasn't triggered by the template. It seems we are treating client-side string formatting as a load-bearing safety wall. Full logs, the apply_chat_template ablation code, and heatmaps are in the post. Read the full analysis: https://ift.tt/KiLd24q...
16 by teendifferent | 0 comments on Hacker News.
OP here. I spent the weekend red-teaming small-scale open weights models (Qwen2.5-1.5B, Qwen3-1.7B, Gemma-3-1b-it, and SmolLM2-1.7B). I found a consistent vulnerability across all of them: Safety alignment relies almost entirely on the presence of the chat template. When I stripped the <|im_start|> / instruction tokens and passed raw strings: Gemma-3 refusal rates dropped from 100% → 60%. Qwen3 refusal rates dropped from 80% → 40%. SmolLM2 showed 0% refusal (pure obedience). Qualitative failures were stark: models that previously refused to generate explosives tutorials or explicit fiction immediately complied when the "Assistant" persona wasn't triggered by the template. It seems we are treating client-side string formatting as a load-bearing safety wall. Full logs, the apply_chat_template ablation code, and heatmaps are in the post. Read the full analysis: https://ift.tt/KiLd24q...
Sunday, 18 January 2026
Saturday, 17 January 2026
New top story on Hacker News: Show HN: What if your menu bar was a keyboard-controlled command center?
Show HN: What if your menu bar was a keyboard-controlled command center?
17 by pugdogdev | 4 comments on Hacker News.
Hey Hacker News The ones that know me here know that I am a productivity geek. After DockFlow to manage my Dock and ExtraDock, which gives me more space to manage my apps and files, I decided to tackle the macOS big boss: the menu bar. I spend ~40% of my day context-switching between apps — Zoom meetings, Slack channels, Code projects, and Figma designs. My macOS menu bar has too many useless icons I almost never use. So I thought to myself, how can I use this area to improve my workflows? Most solutions (Bartender, Ice) require screen recording permissions, and did not really solve my issues. I wanted custom menus in the apps, not the ones that the developers decided for me. After a few iterations and exploring different solutions, ExtraBar was created. Instead of just hiding icons, what if the menu bar became a keyboard-controlled command center that has the actions I need? No permissions. No telemetry. Just local actions. This is ExtraBar: Set up the menu with the apps and actions YOU need, and use a hotkey to bring it up with full keyboard navigation built in. What you can do: - Jump into your next Zoom call with a keystroke - Open specific Slack channels instantly (no menu clicking) - Launch VS Code projects directly - Trigger Apple Shortcuts workflows - Integrate with Raycast for advanced automation - Custom deep links to Figma, Spotify, or any URL Real-world example: I've removed my menu bar icons. Everything is keyboard- controlled: cmd+B → 2 (Zoom) → 4 (my personal meeting) → I'm in. Why it's different: Bartender and Ice hide icons. ExtraBar uses your menu bar to do things. Bartender requires screen recording permissions. Ice requires accessibility permissions. ExtraBar works offline with zero permissions - (Enhance functionality with only accessibility permissions, not a must) Technical: - Written in SwiftUI; native on Apple Silicon and Intel - Zero OS permissions required (optional accessibility for enhanced keyboard nav) - All data stored locally (no cloud, no telemetry) - Very Customizable with custom configuration built in for popular apps + fully customizable configuration actions. - Import/export action configurations The app is improving weekly based on community feedback. We're also building configuration sharing so users can share setups. Already got some great feedback from Reddit and Producthunt, and I can't wait to get yours! Check out the website: https://extrabar.app ProductHunt: https://ift.tt/lAfczYP
17 by pugdogdev | 4 comments on Hacker News.
Hey Hacker News The ones that know me here know that I am a productivity geek. After DockFlow to manage my Dock and ExtraDock, which gives me more space to manage my apps and files, I decided to tackle the macOS big boss: the menu bar. I spend ~40% of my day context-switching between apps — Zoom meetings, Slack channels, Code projects, and Figma designs. My macOS menu bar has too many useless icons I almost never use. So I thought to myself, how can I use this area to improve my workflows? Most solutions (Bartender, Ice) require screen recording permissions, and did not really solve my issues. I wanted custom menus in the apps, not the ones that the developers decided for me. After a few iterations and exploring different solutions, ExtraBar was created. Instead of just hiding icons, what if the menu bar became a keyboard-controlled command center that has the actions I need? No permissions. No telemetry. Just local actions. This is ExtraBar: Set up the menu with the apps and actions YOU need, and use a hotkey to bring it up with full keyboard navigation built in. What you can do: - Jump into your next Zoom call with a keystroke - Open specific Slack channels instantly (no menu clicking) - Launch VS Code projects directly - Trigger Apple Shortcuts workflows - Integrate with Raycast for advanced automation - Custom deep links to Figma, Spotify, or any URL Real-world example: I've removed my menu bar icons. Everything is keyboard- controlled: cmd+B → 2 (Zoom) → 4 (my personal meeting) → I'm in. Why it's different: Bartender and Ice hide icons. ExtraBar uses your menu bar to do things. Bartender requires screen recording permissions. Ice requires accessibility permissions. ExtraBar works offline with zero permissions - (Enhance functionality with only accessibility permissions, not a must) Technical: - Written in SwiftUI; native on Apple Silicon and Intel - Zero OS permissions required (optional accessibility for enhanced keyboard nav) - All data stored locally (no cloud, no telemetry) - Very Customizable with custom configuration built in for popular apps + fully customizable configuration actions. - Import/export action configurations The app is improving weekly based on community feedback. We're also building configuration sharing so users can share setups. Already got some great feedback from Reddit and Producthunt, and I can't wait to get yours! Check out the website: https://extrabar.app ProductHunt: https://ift.tt/lAfczYP
Friday, 16 January 2026
New top story on Hacker News: Show HN: 1Code – Open-source Cursor-like UI for Claude Code
Show HN: 1Code – Open-source Cursor-like UI for Claude Code
17 by Bunas | 5 comments on Hacker News.
Hi, we're Sergey and Serafim. We've been building dev tools at 21st.dev and recently open-sourced 1Code ( https://1code.dev ), a local UI for Claude Code. Here's a video of the product: https://www.youtube.com/watch?v=Sgk9Z-nAjC0 Claude Code has been our go-to for 4 months. When Opus 4.5 dropped, parallel agents stopped needing so much babysitting. We started trusting it with more: building features end to end, adding tests, refactors. Stuff you'd normally hand off to a developer. We started running 3-4 at once. Then the CLI became annoying: too many terminals, hard to track what's where, diffs scattered everywhere. So we built 1Code.dev, an app to run your Claude Code agents in parallel that works on Mac and Web. On Mac: run locally, with or without worktrees. On Web: run in remote sandboxes with live previews of your app, mobile included, so you can check on agents from anywhere. Running multiple Claude Codes in parallel dramatically sped up how we build features. What’s next: Bug bot for identifying issues based on your changes; QA Agent, that checks that new features don't break anything; Adding OpenCode, Codex, other models and coding agents. API for starting Claude Codes in remote sandboxes. Try it out! We're open-source, so you can just bun build it. If you want something hosted, Pro ($20/mo) gives you web with live browser previews hosted on remote sandboxes. We’re also working on API access for running Claude Code sessions programmatically. We'd love to hear your feedback!
17 by Bunas | 5 comments on Hacker News.
Hi, we're Sergey and Serafim. We've been building dev tools at 21st.dev and recently open-sourced 1Code ( https://1code.dev ), a local UI for Claude Code. Here's a video of the product: https://www.youtube.com/watch?v=Sgk9Z-nAjC0 Claude Code has been our go-to for 4 months. When Opus 4.5 dropped, parallel agents stopped needing so much babysitting. We started trusting it with more: building features end to end, adding tests, refactors. Stuff you'd normally hand off to a developer. We started running 3-4 at once. Then the CLI became annoying: too many terminals, hard to track what's where, diffs scattered everywhere. So we built 1Code.dev, an app to run your Claude Code agents in parallel that works on Mac and Web. On Mac: run locally, with or without worktrees. On Web: run in remote sandboxes with live previews of your app, mobile included, so you can check on agents from anywhere. Running multiple Claude Codes in parallel dramatically sped up how we build features. What’s next: Bug bot for identifying issues based on your changes; QA Agent, that checks that new features don't break anything; Adding OpenCode, Codex, other models and coding agents. API for starting Claude Codes in remote sandboxes. Try it out! We're open-source, so you can just bun build it. If you want something hosted, Pro ($20/mo) gives you web with live browser previews hosted on remote sandboxes. We’re also working on API access for running Claude Code sessions programmatically. We'd love to hear your feedback!
Subscribe to:
Comments (Atom)