1D-Chess is a chess variant played on a single row, using only three piece types: a king (moves one square in either direction), a knight (jumps two squares, leaping over pieces), and a rook (moves any distance in a straight line). The goal is to checkmate the opponent's king, while draws occur via stalemate, threefold repetition, or insufficient material. White plays against an AI, and with optimal play there is a forced win: N4 N5, N6 K7, R4 K6, R2 K7, R5++. The key idea is sacrificing the knight to force black into zugzwang — a position where any move worsens the situation. Premature rook moves lead to stalemate rather than checkmate, which is the primary trap. The variant was first described by Martin Gardner in Scientific American's Mathematical Games column in July 1980, with the full winning analysis published in August 1980.
Comments: Most players find the puzzle harder than its apparent simplicity suggests, with many requiring several attempts before winning. The forced win hinges on a knight sacrifice — moving R4 instead of capturing or checking prematurely is the key insight, as it avoids stalemate and drives black into zugzwang. A common mistake is playing R5 too early (after N6 K7), which results in stalemate rather than checkmate. Users explain that N4 N5, Nx6+ K7, R4 Kx6, R2 K7, Rx5# is the clean winning line. Several users draw comparisons to related 1D games: 1D Go (known as Alak), 1D Pacman, and Backgammon. The original Martin Gardner JSTOR columns (July and August 1980) are cited. One user raises the interesting question of how the forced win might change on boards of 9 or 10 cells, and whether castling rules could be incorporated in spirit. A minority of users mistakenly believe the first move should be rook takes rook, which does not lead to a win.
The world's largest known wild chimpanzee community — the ~200-member Ngogo group at Uganda's Kibale National Park — has been locked in a civil war since 2018, with 24 killings including 17 infants, per a study in Science. The group coexisted for decades in Western and Central subgroups, but began polarizing in 2015 when Western chimps fled from the Central group, triggering prolonged avoidance and escalating hostility. Three catalysts are identified: deaths of six adults in 2014 disrupting social ties, a 2015 alpha male change coinciding with first separation, and a 2017 respiratory epidemic killing 25 chimps including a key bridge individual. Since the 2018 split, Western chimps have launched 24 targeted attacks killing at least seven adult males and 17 Central group infants. Lead researcher Aaron Sandel (UT Austin) attributes the conflict to resource competition and male reproductive rivalry. Since chimps — among humanity's closest genetic relatives — wage lethal group conflict without religion or ethnicity, relational dynamics may play a larger causal role in human warfare than assumed.
Comments: Commenters challenge the study's framing, noting that tribal anthropology — including Chagnon's Yanomamö studies — showed primitive humans fight over resources, women, and blood feuds rather than ideology, making the religion/ethnicity comparison a strawman. Primatologist Richard Wrangham's theory of "coalitionary killing" as an evolved, selected-for trait is cited as relevant prior work. Several users recommend the Netflix documentary "Chimp Empire" for direct footage of the Ngogo conflict and Carl Sagan's "Shadows of Forgotten Ancestors" for broader human-chimp behavioral parallels. The published Science paper is linked, with one user noting the 2017 epidemic's likely destabilizing societal impact. Others frame the conflict through game theory, arguing that in resource-limited environments with finite memory and tribal dynamics, group violence is mathematically predictable — though transparency and repeatable cooperation can shift the calculus. A few comments are humorous, referencing Zuckerberg and Planet of the Apes.
WireGuardNT v0.11 and WireGuard for Windows v0.6 have been released after an extended hiatus, bringing bug fixes, performance gains, new features (removing individual allowed IPs without dropping packets, low IPv4 MTU support), and significant code cleanup achieved by dropping pre-Windows 10 support. Toolchains were modernized across EWDK, Clang/LLVM/MinGW, and Go. The release was held up when Microsoft's Windows Hardware Program suspended the project's driver signing account as part of a mandatory account verification sweep — triggered by an October blog post warning that accounts unverified since April 2024 would be locked — which also hit VeraCrypt and others simultaneously. After developer Jason Donenfeld flagged the issue in a Hacker News comment and on Twitter, public attention prompted Microsoft's President of Windows and Devices, Pavan Davuluri, to acknowledge the problem and restore the account within a day. Microsoft attributed the disruption to a communication failure around their verification procedures, not targeted action. The built-in updater will prompt existing users, while new installs can use an 80KB installer fetcher.
Comments: Users broadly agree the suspension was bureaucratic incompetence rather than deliberate targeting — a wave of account locks affecting multiple projects at once — but question whether the quick resolution would have occurred without Hacker News and social media pressure, noting that the "only effective support channel" is going viral, an option unavailable to smaller developers. The author himself confirms the Microsoft paperwork issue was resolved quickly after public attention, and highlights technical challenges in the release: Microsoft dropped x86 driver compilation from their latest driver SDK (requiring a workaround), and a notable Go runtime change was included. Several users raise broader concerns about mandatory Windows code signing as a systemic threat to FOSS, drawing a pattern across LibreOffice, VeraCrypt, and WireGuard. Some question why developers invest effort in a platform they view as hostile, while others note that smaller, less-visible projects have no recourse if locked out. Microsoft's stated response — attributing the locks to standard verification procedures and vowing better communication — is met with skepticism by many commenters.
Keychron published 686+ design files for 88 keyboard and mouse models in STEP, DWG, DXF, and PDF formats, covering cases, plates, encoders, stabilizers, and keycap profiles across Q, K, V, L, P, and C series keyboards plus M/G mice. The source-available license allows personal, educational, and commercial use for compatible accessories, but bars copying or selling Keychron hardware or using its trademarks. The goal is enabling hardware modding, accessory design, and study of real industrial design — mounting systems, tolerances, and component integration. Contributions like dimensional fixes, ISO layout variants, and documentation improvements are welcomed under the same license. A 3D printing guide and keycap profile references (Cherry, KSA, LSA, MDA, OEM, OSA) are included. Wooting has offered similar file releases for years. Critics note STEP files are final manufacturer export formats rather than native parametric source files like SolidWorks, limiting deeper engineering insight. License ambiguity around personal use when physical objects enter downstream commercial workflows remains an open question.
Comments: Community response is broadly positive, with users praising models like the Q6, Q10 Max, K10 HE special edition, Q60, and a K2 in daily use since 2019. One user shared a Go CLI project integrating Claude AI hooks with Keychron LED states for visual agent-status feedback. A key technical critique identifies STEP files as final manufacturer export formats rather than native parametric source like SolidWorks, limiting actual engineering learning. Wooting has offered similar design releases for years. License ambiguity around where personal use ends when physical objects enter commercial workflows — and whether CC-NC translates cleanly to hardware — is raised as unresolved. Q6 Max criticism covers excessive weight, cloud-only firmware tools, and slow charging, while Hall Effect switches draw consistent praise. One user reports a negative Kickstarter experience with proprietary pin-incompatible keycaps Keychron declined to warranty. Others question copyrightability of visually generic keyboard shapes, and note the absence of physical retail spaces to try keyboards before buying.
JSON Formatter, a popular Chrome extension for viewing and exploring JSON API responses, featured syntax highlighting, dark mode, collapsible trees, clickable URLs, and fast performance even on large pages. The developer announced a shift to a closed-source commercial model to build a more comprehensive API-browsing tool, leaving the repo online and publishing "JSON Formatter Classic" for open-source purists. However, shortly after going closed source, the extension began injecting adware into checkout pages and performing geolocation tracking. The extension relies on V8's native JSON.parse, meaning numbers outside JavaScript's safe integer range (±2^53−1) are silently clamped and floats rounded to 16 digits — limitations inherent to JavaScript. Object key ordering follows V8's behavior (numeric string keys appear first), and users can click "Raw" to see the original unmodified server response.
Comments: Commenters are alarmed that JSON Formatter went closed source then injected adware into checkout pages and performed geolocation tracking, discovered via a suspicious injected DOM element. This fits a broader pattern: ModHeader added ads to Google search results, JSONView on Firefox leaked browsing URLs, and developers report being approached to bundle tracking scripts into extensions. Users criticize Chrome and Firefox marketplaces for failing to police such behavior, with some building their own alternatives. A core technical concern: WebExtension permissions sufficient to reformat JSON are also sufficient to inject network-capable JavaScript into any page, making silent malicious updates trivially easy. Commenters suggest baking ad-blocking and password management into browsers directly and treating all extensions as potential future malware. Even named developers with reputations to protect are no longer considered trustworthy signals.
watgo is a newly released WebAssembly toolkit for Go, offering zero-dependency pure-Go alternatives to C++-based wabt and Rust-based wasm-tools. It provides both a CLI and a Go API for parsing WAT (WebAssembly Text format), validating modules against official WebAssembly semantics, and encoding/decoding to and from WASM binary. At its core is wasmir, a semantic IR that flattens WAT syntactic sugar — folded instructions become linear, named references resolve to numeric indices — matching binary and execution semantics. The CLI is installable via go install and aims for wasm-tools compatibility. The API exposes the wasmir module graph, allowing programmatic inspection of functions, types, and instruction sequences. Testing is rigorous: watgo passes the full WASM spec core test suite (~200K lines of .wast files), executes results via Node.js (wazero was tried but dropped due to missing GC proposal support), and also runs against wabt's interp suite and the author's own wasm-wat-samples collection. The internal textformat package, which parses WAT into an AST before lowering to wasmir, may be made public if demand exists.
Comments: Comments are brief but positive, with one developer noting they plan to compare watgo's test harness against wazero's and their own wasm2go project. That same commenter thanks the author for the wasm-wat-samples repository, crediting it as directly useful in building wasm2go — highlighting the broader ecosystem value of the author's prior open-source work beyond watgo itself.
Helium is produced via radioactive alpha decay and trapped in natural gas pockets, with Qatar supplying ~30% of global output — formerly shipped through the Strait of Hormuz. War-driven closure of the strait has spiked prices and triggered force majeure, while the US strategic helium reserve was sold off in 2024. Helium's uniquely low boiling point (4.2 K) makes it the only practical coolant for niobium-titanium superconducting MRI magnets and semiconductor lithography, including EUV machines where demand is projected to rise fivefold by 2035. Fiber optic cladding deposition also requires helium with no known substitute. Other uses include aerospace purging (NASA is the largest single US consumer), welding, deep-sea diving gas (replacing narcotic nitrogen), and lifting gas. Welding and lifting have viable alternatives like argon or hydrogen, and recycling has already cut US aerospace helium use by over 75%. However, most US helium remains unrecycled, and high-tech semiconductor and MRI applications have no practical replacements, making helium a genuine long-term vulnerability.
Comments: Commenters note that over 90% of natural gas plants already extract helium but vent it — recovery is an economics problem, not a physics one, and prices may eventually justify investment. Some see no long-term shortage risk, arguing markets will respond; others warn of catastrophic multi-decade supply chain effects. Technically, users point out superconducting magnets need helium not just due to NbTi's 9.2 K transition temperature, but because the upper critical magnetic field (Hc) drops sharply with temperature, so even high-Tc superconductors underperform at warmer temps for high-field applications. The radioactive origin of underground helium is detailed: uranium-238 alpha decay produces 8 helium atoms per chain, accumulating in structures that coincidentally resemble natural gas traps. The US Strategic Helium Reserve's politically-driven sell-off at a loss is widely cited as a policy failure. Hydrogen has been experimentally used as a deep-diving helium substitute, though risks remain. The Bloomberg Odd Lots podcast is recommended for additional context.
FluidCAD is a parametric CAD tool that lets developers write JavaScript to define 3D geometry, with results rendered in real time. It follows a traditional CAD workflow — sketches, extrusions, fillets, shells, and booleans — but expressed as code, with smart defaults reducing boilerplate: extrude picks up the last sketch automatically, touching shapes fuse without explicit union calls, and fillet targets the last selection. A navigable parametric history tree lets users step through or roll back any modeling operation non-destructively. A mouse-driven prototyping mode allows viewport-based extrusion by dragging before values are locked in code. Feature transforms support linear and circular patterns, mirroring, and rotation of entire feature sequences. Shape references expose faces, edges, and vertices directly for minimal-math geometry composition. STEP import and export with full color support enables interoperability with standard CAD tools. The package installs via npm (npm i fluidcad) and initializes in under a minute.
Comments: Commenters are broadly enthusiastic and draw several meaningful comparisons: the design-plus-code hybrid approach is likened to Flash's legendary combination of approachable tooling and scripting extensibility, with users hopeful FluidCAD can do the same for constraint-based 3D modeling. The viewport-driven extrusion UI invites comparisons to SketchUp's push-pull workflow, with suggestions that a "sticky" parametric GUI backed by code — similar to SketchUp groups/components but code-driven — could be a compelling evolution. One user, referencing an OpenSCAD discussion thread, asks whether JavaScript's full power would support querying computed geometry dimensions (e.g., pen.render().getWidth()) for complex multi-part assemblies. Questions are raised about the underlying geometry kernel, boolean operation support, and whether the project was AI-assisted. Maker.js is mentioned as a point of comparison. At least one commenter is independently building a similar concept, and several plan to try FluidCAD soon.
RISC-V is an open standard ISA created in 2010 and stewarded by RISC-V International since 2015, letting anyone build a compliant CPU without licensing fees — analogous to USB or Ethernet. Unlike proprietary ISAs, RISC-V is extensible by design, enabling custom instructions for AI/ML, security, and power-constrained workloads, with profiles like RVA23 grouping compatible instruction sets to ensure portability. Most deployments have been deeply embedded, but 2026 is expected to bring developer boards supporting RVA23 and capable of running Linux. Google's OpenTitan project — an open-source RISC-V security root of trust now shipping in Chromebooks and data centers — exemplifies growing industry adoption. Canonical has supported RISC-V since 2021; Ubuntu 24.04 LTS covers the RVA20 profile, while 25.10 and the upcoming 26.04 LTS will target RVA23, with up to 15 years of support via Ubuntu Pro. Canonical also partners with silicon vendors for product-specific builds and provides Launchpad tooling for custom Ubuntu images.
Comments: Commenters are largely skeptical or disengaged. One asks about the distinction between RISC-V and PowerPC, noting RISC-like architectures already had significant industry exploration in the 1990s–2000s — a fair question the article doesn't directly address. Another sardonically suggests RISC-V consumer hardware is still decades away, implying the technology remains too immature for everyday use despite Canonical's optimistic 2026 outlook. A third reports that a link in the post returned a Canonical contact-form success page rather than useful content, pointing to a broken or misconfigured URL.
The CPUID website, home to popular utilities like HWMonitor and CPU-Z, was compromised when attackers hijacked a secondary backend API for roughly six hours between April 9 and 10, swapping legitimate download links with malicious ones. The signed software builds themselves were untouched; the breach sat at the link-delivery layer. Malicious installers included a fake CRYPTBASE.dll that phoned home to a command-and-control server, ran largely in memory via PowerShell, compiled a .NET payload on victim machines, and targeted stored browser credentials through Chrome's IElevation COM interface. The dead giveaway for some users was an HWMonitor 1.63 link pointing to a file named "HWiNFO_Monitor_Setup.exe." Infrastructure analysis by vx-underground links the campaign to an earlier FileZilla-targeting operation, suggesting an evolving and deliberate playbook rather than a one-off attack. CPUID confirmed the fix but has not disclosed how the API was accessed or how many users pulled the malicious files.
Comments: A CPUID maintainer confirmed investigating and fixing the breach, noting attackers appeared to have timed it while the primary developer was unavailable. Some users reported Windows Defender flagged the malware immediately, but others admitted dismissing the alert as a false positive—underscoring how alert fatigue creates real risk. Observers identify the same threat group as the one that hit FileZilla last month via a fake domain, and note the attack has evolved: rather than tricking users into visiting the wrong site, attackers now compromise the real site's API layer to serve wrong files. Using winget was recommended as a mitigation, since it performs signature verification against manifests in the microsoft/winget-pkgs repo. Broader discussion questioned whether software not distributed through reproducible, verified package repositories amounts to a "malware lottery," and users raised uncertainty about the security models of community-driven systems like the AUR. The timing-based attack vector—waiting for a key maintainer to be away—drew particular concern.
Twill is a managed AI coding agent service following a fixed six-stage pipeline — research, plan, user approval, implementation, AI code review, and PR merge — preventing agents from skipping steps. It supports multiple backends (Claude Code, OpenCode, Codex), lets users run agents in parallel or repeatedly to improve success rates, and spins up isolated sandboxes to build and test changes before creating pull requests. Twill integrates with GitHub, Linear, and Slack via @mention, and exposes sandbox logs, ports, and SSH access for debugging. Teams can also start from pre-built templates for recurring workflows like dependency updates, bug fixes, and documentation.
Comments: Commenters are curious but cautious. One developer building a similar open-source tool with 1,000+ PRs notes that execution sandboxing alone is insufficient for enterprise — network egress control is essential to prevent leaks, and credentials should be proxied through dummy surrogates rather than passed directly to agents. They suggest constrained tasks like "debug CI failures" may be better initial traction than general coding. Others question the value of paying API-rate markups on top of existing Claude Code subscriptions. The agentbox-sdk's freshness (first commit three days ago) raises reliability concerns, with questions about lightweight sandboxing and ACP protocol support. The consensus is that 24/7 cloud-hosted agents are the industry's direction, with VPC options for enterprise and self-hosted desktops for individuals. Comparisons to Claude Managed Agents and Cursor Cloud Agents, and skepticism about the "run agent n times" success-rate claim lacking benchmarks, also surface.
Bluesky's worst outage affected roughly half of users intermittently for ~8 hours on Monday, April 7, 2026. The root cause was a single missing line — group.SetLimit(50) — in the GetPostRecord RPC handler, the only endpoint in the data plane without bounded concurrency. A new internal service sent batches of 15–20K URIs per request, causing the handler to spawn up to 20,000 goroutines simultaneously. These slammed memcached with new TCP connections, then closed them, filling TIME_WAIT and exhausting ephemeral ports. Port exhaustion triggered millions of logged errors per second; the blocking write(2) syscalls caused the Go runtime to spawn ~10x normal OS threads (150→1,500), amplifying GC stop-the-world pauses. Aggressive GOGC/GOMEMLIMIT tuning caused periodic OOMs; on restart, old TIME_WAIT sockets blocked new memcached connections, creating a death spiral. The band-aid fix randomized the loopback source IP per connection to expand port space; the real fix was adding group.SetLimit(50). The status page incorrectly blamed a third-party provider, later corrected.
Comments: Users note the missing SetLimit call is easy to overlook but should have been caught in code review before the new internal service shipped. Several commenters challenge Bluesky's "decentralized" branding, arguing a half-network outage contradicts true decentralization, contrasting it with email and the broader internet. Others praise the team for a transparent, technically detailed post-mortem, contrasting it with large tech companies' typical opacity. There is curiosity about what the new internal service does that requires 15–20K URI batch lookups. A Go-specific critique targets the runtime's willingness to spawn unbounded OS threads in response to blocking syscalls, with some calling it unsuitable for high-scale production alongside GC overhead. The earlier incorrect third-party attribution on the status page draws mild skepticism but little sustained criticism given the prompt correction. A few comments are dismissive of Bluesky's overall scale.
A macOS researcher demonstrates that Privacy & Security's Files & Folders UI can actively lie about enforced access restrictions. Using a notarized test app called Insent, once a user selects a protected folder via an Open/Save Panel (expressing "intent"), macOS's sandboxd stops intercepting file system calls for that folder — so TCC no longer enforces the toggle shown in Settings. The root cause is a com.apple.macl extended attribute set on the folder, which SIP prevents removal of. After this, disabling the app's Documents toggle has no effect; the app reads files freely while the UI falsely shows it blocked. The only fix is running tccutil reset All <bundle-id> in Terminal followed by a full restart. This is folder-specific: intent-based access to Documents doesn't bypass restrictions on Desktop or Downloads. The behavior requires deliberate sequencing — the user must select the protected folder in an Open/Save dialog — but once triggered, access is effectively permanent until manually reset.
Comments: Reactions split between those who see this as expected behavior (user selecting a folder = granting access) and those alarmed the Settings UI actively misleads about revoked permissions. Users independently confirmed the bug: disabling the toggle doesn't block access, making the UI a trust failure. One commenter identifies the root mechanism as a com.apple.macl extended attribute SIP prevents removal of, and suggests toggling the permission on then off may also reset it without a Terminal command. Others criticize macOS sandboxing as retrofitted permission theater causing fatigue for power users, noting background Terminal processes can inherit elevated permissions even after the parent process is killed. The Files & Folders UI itself draws criticism for ambiguous checkbox states and confusing Full Disk Access display. Some argue this is a 0-day that should have been privately disclosed to Apple first, while others speculate whether a recent Apple update was a related patch.
Bild AI, a startup focused on automating blueprint reading, cost estimation, and permit applications in construction, is hiring a full-stack software engineer based in San Francisco. The role requires working across a React frontend and Python backend, shipping features end-to-end with weekly customer interviews to guide product decisions. The company emphasizes strong product taste, direct customer communication, and the ability to translate complex construction domain knowledge into clean software. Ideal candidates are generalist builders comfortable with 0-to-1 product development, and bonus consideration is given to those with founder experience or a construction background. The interview process includes a 15-minute intro, two technical rounds, and a 3–5 day paid work trial, with full-time in-office presence required.
The DOJ's Office of Legal Counsel has issued a memo declaring the Presidential Records Act (PRA) unconstitutional, arguing presidential records are private rather than public property — a position already facing legal challenges. The PRA, enacted after Watergate, requires records be transferred to NARA at each term's end and released under FOIA after five years, enabling public access to records on Obama's Iran deal, Bush's Katrina response, and Supreme Court nominations. The memo arrived days after Eric Trump unveiled a Miami "Trump Presidential Library" skyscraper with no apparent NARA partnership. The Freedom of the Press Foundation has over a dozen pending FOIA requests for Trump-era records including CIA torture documents, January 6 materials, Lafayette Square protest records, impeachment communications, and foreign leader correspondence with Putin and Kim Jong Un. If the DOJ position holds, those records — and all future presidential records — could be permanently withheld by any administration, Republican or Democrat.
Comments: Commenters are largely critical, with several key threads emerging. Some emphasize the legal standing of the PRA — it is a law passed by Congress and signed in 1978, not merely a rule, and cannot simply be ignored by executive memo. Others draw comparisons to broader authoritarian patterns, framing the move as part of a creeping kleptocratic drift. One commenter sarcastically proposes trading away presidential pardon power in exchange, linking to a related WSJ article about mass pardons. The blunt takeaway shared among commenters is that the push to privatize presidential records looks like an effort to conceal evidence of misconduct, with the democratic consequences seen as severe.
A developer building ClojureFnl — a Clojure-to-Fennel compiler on Lua — replaced slow copy-on-write immutable structures with proper persistent ones in a new library, immutable.fnl. It implements a 16-branching HAMT for hash maps/sets, a 32-branching trie for vectors, Okasaki/Germane-Might red-black trees for sorted maps/sets, lazy linked lists, and a persistent queue (list front + vector rear). On PUC Lua 5.5, persistent hash map operations run 80–220x slower than native tables; transients roughly halve that cost. LuaJIT drops per-operation costs to sub-microsecond though the ratio gap widens. The djb2 hash (no bitwise operators needed) was chosen for cross-version Lua compatibility, with randomized salting and per-prototype memory-address salting to prevent persistent collections from falsely aliasing plain Lua tables of equal content. Lists were reimplemented using a thunk-based lazy mechanism and three metatables instead of the prior closure-based approach. The persistent queue achieves amortized O(1) append and remove by lazily converting its vector rear into a linked list front only when exhausted.
Comments: Commenters highlight that Clojure's immutable HAMTs remain foundational nearly two decades on, having been ported to many languages including Zig. The key insight is that what makes them especially powerful in Clojure is first-class language status: because the entire ecosystem is built around them, independently written libraries naturally compose — maps and vectors flow in and out without impedance mismatch. Standalone library ports in other languages are seen as struggling to replicate this systemic integration.
The Linux kernel project has published guidance for AI-assisted contributions, requiring all AI-generated code to comply with GPL-2.0-only licensing and human contributors to bear full legal responsibility for reviewing, certifying, and submitting it. AI tools are barred from adding Signed-off-by tags, as only humans can legally certify the Developer Certificate of Origin. Contributions must include an "Assisted-by" tag specifying agent name, model version, and specialized tools used (e.g., coccinelle, sparse, smatch); basic tools like git need not be listed. Commenters broadly view the policy as pragmatic. Skeptics question whether AI-generated code can reliably satisfy GPL-2.0 given models trained on mixed-license and potentially unlicensed data, citing a recent study of a leading model reproducing licensed code verbatim. Others argue the policy doesn't shield the kernel project from liability for foreseeable downstream infringement, while some object to "Assisted-by" language as anthropomorphizing statistical text transformers. The tagging scheme is noted as useful for future auditing and replacement of AI-written code.
Comments: Commenters largely accept the policy as sensible, calling the human-only DCO rule legally sound and the overall framework an overdue formalization. Skeptics challenge the feasibility of guaranteeing GPL-2.0 compliance when LLMs are trained on vast mixed-license corpora, pointing to a recent report of a leading model reproducing licensed code verbatim. One commenter draws an analogy to a retailer disclaiming a supplier's foreseeable violation, arguing the kernel project cannot simply grant itself immunity. Others object to the "Assisted-by" tag on principle, warning it anthropomorphizes text transformers and fosters the ELIZA effect even among technically informed developers. The GPL-2.0-only wording is flagged as potentially imprecise, since code can simultaneously comply with GPL-2.0 and other licenses. On the positive side, the tagging scheme is seen as making AI contributions auditable and replaceable. BSD projects are encouraged to adopt similar guidelines, with the view that expecting developers to forgo AI tooling in 2026 is unrealistic.
Foxguard is a Rust security scanner by PwnKit Labs that completes scans in tens of milliseconds versus 4–17 seconds for Semgrep (even with cached rules), using tree-sitter for AST parsing and rayon for parallelism — no JVM, Python interpreter, or network calls. It ships 100+ built-in rules across 10 languages (JS/TS, Python, Go, Ruby, Java, PHP, Rust, C#, Swift) covering SQL injection, XSS, SSRF, command injection, hardcoded secrets, weak crypto, and framework-specific checks for Express, Django, Rails, Spring, Laravel, Gin, .NET, and iOS. It also scans for leaked credentials (AWS, GitHub, Slack, Stripe tokens, private keys) with redacted output, and a VS Code extension scans on save. A Semgrep/OpenGrep-compatible YAML subset enables incremental migration, and SARIF output integrates with GitHub Code Scanning. The design deliberately positions foxguard for fast local feedback while deferring to Semgrep/OpenGrep for broader external rule ecosystems. It is part of a three-tool open-source stack alongside pwnkit (AI pentester) and opensoar (Python SOAR), licensed MIT.
Comments: Commenters find the tool promising, with one noting they've had to avoid slow linting tools entirely and plan to try foxguard — specifically calling out cfn-lint as a candidate for a similar Rust rewrite. Another commenter intends to test it on a production codebase and raises two concrete suggestions: the benchmark table should include much larger codebases (their own has 1,200 JS/TS files, 685 Rust files, 80k lines of TypeScript, and 155k lines of Rust), and line count would be a more meaningful measure than file count.
MiniWord is a minimal, lightweight WYSIWYG word processor written in Python, currently in active development. Unlike browser-based editors, it renders directly using wxPython and Cairo, keeping dependencies minimal and startup fast. Its file format is human-readable and described as diff-, git-, and AI-friendly, with good Markdown support and extensibility via Python plugins. The project targets Linux primarily but aims for Windows and Mac compatibility. Installation is straightforward via pip, with optional plugin and desktop integration steps. A missing module (miniword.core.utils) has been reported by multiple users on macOS, suggesting a packaging issue in the current release.
Comments: Users are enthusiastic about the project, especially the decision to avoid a browser rendering layer, which is a common complaint about modern Electron-style editors. Some push back on WYSIWYG entirely, arguing plain Markdown in standard text files is preferable and avoids vendor lock-in, with pointed criticism of feature-bloated word processors like Microsoft Word. Others find the project nostalgic, recalling similar hobbyist editors from the Visual Basic and Delphi era. Questions arise about the choice of wxPython as the toolkit. One user raises the idea of a "Reveal Codes" feature — a WordPerfect classic that exposes low-level formatting inline — noting it's only possible in text-stream document models, not nested-container ones like Word's. Multiple users independently report a ModuleNotFoundError: No module named 'miniword.core.utils' on macOS, flagging a missing file in the repository.
NonBioS deployed OpenClaw roughly 1,000 times and interviewed engineers who spent weeks using it, concluding there are no legitimate production use cases. The central failure is memory: OpenClaw's context fills up unpredictably, causing it to forget critical information mid-task—such as who declined an invite before a group email sends—without the user knowing. The author argues this is a fundamental architectural flaw, not a fixable bug, contrasting it with NonBioS's own "Strategic Forgetting" approach that mimics selective human memory. The only working use case found is daily news digests via WhatsApp, replicable with simpler tools like Zapier or ChatGPT scheduled tasks. Online hype—claims of automating teams or replacing employees—is attributed to engagement-driven content: demos that work once but aren't trusted for real ongoing tasks. The author recommends OpenClaw only as an educational experiment, and advises running it in an isolated VM given security risks from connecting it to email, calendar, and messaging apps with root access.
Comments: Commenters dispute the "zero use cases" claim: one lists active business applications including SDR research, proposal drafting, staging ops, and CRM processes, citing a $40,000 proposal assembled from meeting notes. Others confirm memory as the core problem, describing OpenClaw randomly editing its own config, using wrong JSON keys, and stalling after blowing through context. The memory write challenge—knowing what the agent should store and how—is considered harder than retrieval, with users experimenting with Karpathy wiki approaches and custom prompting with limited success. Several cite API integration combined with cron scheduling and sub-agents as genuine utility. Skeptics compare OpenClaw to historically marginal technologies, while others suspect the article is a NonBioS marketing piece. One notes WhatsApp AI assistants have existed since 2023 with no compelling use cases beyond transcription and drafting. The broader view is that well-defined LLM-assisted pipelines outperform autonomous agents, and that agent processes are slower and less maintainable than structured workflows using LLMs only where necessary.
Paris-based JCDecaux, inventor of the self-cleaning public toilet (1980) and modern street furniture, installed 435 new toilets ahead of the 2024 Olympics, each used roughly 200 times daily. The two-sided design includes a cabin and urinal, with an automatic disinfection cycle after each use and hotel-quality interiors. San Francisco partnered with JCDecaux for 25 toilets at no city cost, funded by kiosk ad revenue under a 20-year deal. LA rejected JCDecaux and launched its own 2022 program, producing just 14 toilets — all currently closed, with one councilmember using stop-gap funds to keep four open. By 2028, LA's bus shelter rollout will deliver only 500 of 3,000 promised shelters, with no plan for permanent signage. Paris's JCDecaux street furniture — bus shelters, Morris columns, ad kiosks — is well-maintained and now incorporates greenery in a climate pilot. JCDecaux manages 4,000+ sidewalk objects in Paris, selling ads to fund upkeep in a virtuous cycle that also benefits advertisers. During the Olympics, Parisian newsstand operators acted as city ambassadors — a model LA lacks the infrastructure to replicate.
Comments: Commenters push back on the article's framing, arguing that LA Metro's expanding toilet program serves fundamentally different goals and populations than Paris's system, making a direct comparison potentially unfair. One commenter flags a factual error in the opening, noting that JCDecaux's own website credits the company with inventing "advertising street furniture" in 1964 — not street furniture broadly — calling into question the article's reliability from the outset. A third commenter takes a wider view, observing that public restrooms signal civic advancement but lamenting that they must be engineered to withstand deliberate damage.
Let's Encrypt built a custom Go program to host test certificate websites — valid, expired, and revoked — for each of their four root certificates, replacing complex shell scripts. The tool uses the Lego Go library for ACME certificate requests via TLS-ALPN-01 challenge, requiring no extra infrastructure. For revoked certs, the program issues, revokes via ACME, then polls the CRL until the serial number appears. A "next certificate" staging mechanism handles timing: revoked certs wait 24+ hours for CRL propagation, expired certs wait past their expiration date. The Go webserver uses a GetCertificate SNI callback and refuses connections if the certificate is in the wrong state. Plain-text/ASCII art is served to HTTP clients not requesting text/html. Browser revocation checking is inconsistent — Firefox's CRLite is the current best implementation, while Ubuntu is deploying upki, a Rustls-based CRLite project. The code is open-source at github.com/letsencrypt/test-certs-site/ and available for other CAs.
Comments: Commenters highlight badssl.com as a well-known alternative offering similar TLS error test subdomains, including a revoked certificate endpoint. Browser revocation behavior is a central observation: Chrome (v146, macOS) shows no error on Let's Encrypt's revoked cert pages while Firefox correctly flags them; on Android, Vanadium, Chrome, and Firefox all accept the revoked certificates, though revoked.badssl.com is correctly rejected — suggesting inconsistent revocation checking across CAs or CRL sources. One commenter draws a loose parallel to the difficulty of simulating degraded network conditions for embedded device testing. Another makes a sarcastic remark about HTTP's simplicity versus HTTPS certificate complexity.
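The state gate described for the Let's Encrypt test-certificate server above (a GetCertificate SNI callback that refuses the handshake while a certificate is in the wrong state, such as a revoked-site certificate whose serial has not yet reached the CRL), shown as an added Go example that is not code from letsencrypt/test-certs-site. The names `State`, `site`, `checkState`, `getCertificate`, `newSite`, `crlWith` and the hostname `revoked.example` are assumptions, and the certificate metadata and CRL are constructed in memory rather than issued or fetched.

```go
package main

import (
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

type State int // what a test hostname promises to demonstrate
const (
	Valid State = iota
	Expired
	Revoked
)

type site struct{ want State; cert *tls.Certificate } // cert.Leaf must be set

// checkState returns an error unless leaf really is in the wanted state.
func checkState(leaf *x509.Certificate, want State, crl *x509.RevocationList, now time.Time) error {
	expired, revoked := now.After(leaf.NotAfter), false
	for _, e := range crl.RevokedCertificateEntries {
		revoked = revoked || e.SerialNumber.Cmp(leaf.SerialNumber) == 0
	}
	switch {
	case want == Valid && (expired || revoked):
		return fmt.Errorf("valid site: certificate is expired or revoked")
	case want == Expired && !expired:
		return fmt.Errorf("expired site: certificate is still within its validity period")
	case want == Revoked && !revoked:
		return fmt.Errorf("revoked site: serial %v is not on the CRL yet", leaf.SerialNumber)
	}
	return nil
}

// getCertificate builds a tls.Config.GetCertificate callback keyed on the SNI name.
func getCertificate(sites map[string]site, crl func() *x509.RevocationList) func(*tls.ClientHelloInfo) (*tls.Certificate, error) {
	return func(hello *tls.ClientHelloInfo) (*tls.Certificate, error) {
		s, ok := sites[hello.ServerName]
		if !ok {
			return nil, fmt.Errorf("unknown server name %q", hello.ServerName)
		}
		if err := checkState(s.cert.Leaf, s.want, crl(), time.Now()); err != nil {
			return nil, err // wrong state: refuse the handshake
		}
		return s.cert, nil
	}
}

// newSite builds a site around constructed certificate metadata (no key material).
func newSite(want State, serial int64, notAfter time.Time) site {
	return site{want, &tls.Certificate{Leaf: &x509.Certificate{SerialNumber: big.NewInt(serial), NotAfter: notAfter}}}
}

// crlWith builds a constructed CRL; a real one comes from x509.ParseRevocationList.
func crlWith(serial int64) *x509.RevocationList {
	return &x509.RevocationList{RevokedCertificateEntries: []x509.RevocationListEntry{{SerialNumber: big.NewInt(serial)}}}
}

func main() {
	sites := map[string]site{"revoked.example": newSite(Revoked, 42, time.Now().Add(time.Hour))}
	get := getCertificate(sites, func() *x509.RevocationList { return crlWith(7) }) // 42 not published yet
	fmt.Println(get(&tls.ClientHelloInfo{ServerName: "revoked.example"}))
}
```

In a deployment the CRL would be fetched from the CA and its signature verified with `CheckSignatureFrom` before its entries are trusted.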
This is a meta-commentary piece that uses placeholder text to expose the structural formula behind typical online articles. Rather than conveying real information, each element describes its own rhetorical function: bold opening hooks draw readers in, segue paragraphs bridge high-level concepts to practical application, subheadings segment content, bolded keywords accommodate skimmers, and bullet points break up reading flow. Deeper sections introduce code blocks with explanatory bullet points, followed by synthesis sections that tie prior concepts together before allowing the author to "cash in" earned trust with philosophical asides. The piece culminates in a revisited opening sentence and reader thanks, completing a predictable arc. By making the scaffolding visible rather than hiding it behind real content, it implicitly critiques conventions like titlemaxxing, clickbait, and the illusion of depth created through structural mimicry alone.
Comments: Comments mirror the article's meta approach by enacting the very HN tropes the piece lampoons: accusations of AI authorship, bad-faith quote-cropping, title-only readers, late commenters questioning their own intelligence, self-promotional link drops, quality complaints alleging HN is becoming Reddit, and repost callouts. Several users reference parallel works — a 2013 Brad Conte HN parody thread, Tom Scott's video on educational content formatting, and Soderbergh's film Schizopolis — all of which use generic placeholder language to satirize formulaic communication. Others debate whether clickbait tactics like "titlemaxxing" are effective, note that email timing often outweighs message quality, and compare the article's techniques to Fox News lede conventions. A few commenters acknowledge the irony of using this template as an AI content prompt, while one notes the piece succeeded even on readers aware of its manipulative structure. A thoughtful on-point comment goes entirely ignored.
The FBI recovered deleted Signal messages from a defendant's iPhone by extracting data from Apple's internal notification storage. The case involved Lynette Sharp, convicted of providing material support to terrorists related to vandalism at an ICE detention facility in Texas. Signal had been removed from the device, but incoming message notifications — including full content previews — remained in internal storage because Sharp had not enabled Signal's setting to hide notification content, which is off by default. iOS persistently stores notification data, and push notification tokens aren't immediately invalidated when an app is deleted, meaning notifications may continue arriving after removal. The FBI likely used commercially available forensic tools to extract this data, possibly from a device backup. Apple has since updated iOS 26.4 to change how push notification tokens are validated, though whether this was triggered by the case is unknown. Neither Signal nor Apple commented on notification storage practices.
Comments: Comments note that Signal's notification content preview is enabled by default, leaving most users exposed without realizing it; it can be disabled via Settings > Notifications > Notification Content > "No Name or Content." Several users say this trade-off was publicly known since at least 2018. Many are surprised iOS retains notification data after both dismissal and app deletion, and question why Apple doesn't purge that data on app uninstall. The BFU/AFU distinction is explained in depth: data stored under NSFileProtectionCompleteUntilFirstUserAuthentication (the iOS default for third-party apps) remains accessible to forensic tools once the device has been unlocked even once. E2E encryption is noted as powerless after decryption at the endpoint — once a notification lands in the OS, it's outside Signal's control. Some suggest Signal should add a setup wizard prompting users to choose between Apple's push infrastructure (better battery, less privacy) versus a persistent direct connection. Users also question why notifications require long-term persistent storage at all.
Ahead of Euphoria season 3's premiere, Warner Bros. Discovery filed a DMCA notice March 31 against X account "Lexi howard's cat" (@maudesfancat), a long-running fan account that posted what WBD called spoilers for unaired episodes. X removed the posts, but WBD escalated April 7 with a DMCA subpoena in California federal court, signed by a clerk the next day. The subpoena compels X to hand over names, addresses, phone numbers, email addresses, IP addresses, and billing records. A notable inconsistency exists: the DMCA notice classifies the content as "video/audiovisual recording," while the court declaration describes it as "summaries of unpublished character, setting, and plots" — a legally significant distinction, since copyright protects expression, not ideas or plot descriptions. WBD also states the user "posted access to HBO's unpublished, copyright protected work," suggesting content may have exceeded mere summaries. X has until April 23 to respond; neither party has challenged the subpoena, and the @maudesfancat account is no longer active.
Comments: Commenters question whether plot summaries — as opposed to actual leaked video — are even copyrightable, noting copyright protects expression rather than ideas, and that an NDA breach would be a more apt legal theory if no footage was shared. There is also skepticism about whether X holds the identifying data the subpoena demands — real names, addresses, billing records — given the platform's loose sign-up requirements. Some note that X users must actively seek out an account to see its posts, raising questions about the harm of spoilers that aren't algorithmically pushed. One commenter draws a lighthearted parallel to the 2005 "Snape Kills Dumbledore" spoiler campaign outside Harry Potter book release events.
UC Davis and SUNY Buffalo researchers outfitted 54 Magellanic penguins in Patagonia with silicone passive sampler leg bands during 2022–24 breeding seasons, allowing the birds to collect environmental chemical data as they foraged. Once retrieved, the bands were tested and PFAS ("forever chemicals") were detected in over 90% of samples, even in this remote region. Critically, the data revealed a shift from legacy PFAS toward newer replacement compounds like GenX, which were supposed to be safer alternatives but are evidently still persistent enough to reach the ends of the earth. The method is minimally invasive compared to traditional blood draws or feather collection, and it allows animals to effectively choose their own sampling sites. Researchers say the technique could be adapted for tracking pollution from oil spills and shipwrecks, and plan to expand testing to cormorants capable of diving over 250 feet. The study was published in Earth: Environmental Sustainability and funded by the Houston Zoo.
Comments: Commenters note that PFAS are endocrine disruptors with serious documented health consequences: immune suppression, reduced reproductive success, thyroid disruption in avian embryos, and IARC's 2023 Group 1 carcinogen classification for PFOA, with a 2x rise in serum PFAS linked to a 49% drop in vaccine antibody levels in children. The finding that replacement PFAS like GenX are reaching remote Patagonia is considered alarming, since these compounds were marketed as safer. One commenter promotes a startup developing modified oat fiber to bind PFAS in the GI tract as a mitigation approach, with a clinical trial planned. A notable thread of skepticism questions whether the detected PFAS could be contamination from researchers' own lab gloves or equipment — drawing a direct parallel to the microplastics-in-lab-gloves controversy — raising the possibility the results could be a methodological artifact rather than environmental signal.
Researchers at ETH Zurich led by Tilman Esslinger have demonstrated a high-fidelity quantum swap gate using neutral potassium atoms in optical lattices, achieving 99.91% precision across 17,000 qubit pairs simultaneously. The key innovation is exploiting geometric phases — arising from fermion exchange symmetry — rather than dynamical phases from tunneling or collisions, making the gate robust against laser intensity fluctuations and experimental noise. A swap gate exchanges quantum states between two qubits and is essential for routing information in large-scale quantum computers. The optical lattice approach enables thousands of qubits in one system, an advantage over superconducting and trapped-ion platforms. The gate operates in under one millisecond, and the team also demonstrated "half"-swap gates that entangle qubit pairs via atomic collisions — a prerequisite for quantum algorithms. The work was published in Nature on April 8, 2026; next steps include integrating a quantum gas microscope for individual qubit addressability. The system currently lacks inter-pair connectivity and individual control, so it is not yet a programmable quantum computer.
Comments: Commenters clarify that the 17,000 figure refers to 17,000 independent parallel qubit pairs with no cross-pair interaction or individual control — a robust gate demonstration, not a programmable computer. Several note the headline is misleading, citing a recurring hype cycle in quantum announcements, with one pointing to Scott Aaronson's blog for grounded analysis. Others argue the result is still meaningful, one of many recent hardware, error-correction, and algorithm advances suggesting the field is accelerating faster than expected. A detailed comment argues 10,000 qubits in the right setup may suffice to break 256-bit elliptic curve or 2048-bit RSA in minutes, and notes Cloudflare, Google, and IBM have moved post-quantum cryptography deadlines to 2029. It recommends prioritizing TLS, WebPKI, and cloud infrastructure migration to ML-KEM, noting symmetric encryption is largely safe but key-exchange mechanisms are not. The non-paywalled preprint is at arxiv.org/abs/2507.22112.