I built a new type of erasure code using Bloom filters
https://www.reddit.com/r/programming/comments/1qivu6e/i_built_a_new_type_of_erasure_code_using_bloom/
submitted by /u/chainless-coder (https://www.reddit.com/user/chainless-coder)
[link] (https://lumramabaja.com/posts/let-it-bloom-the-seeds-of-information-chaining-part-1/) [comments] (https://www.reddit.com/r/programming/comments/1qivu6e/i_built_a_new_type_of_erasure_code_using_bloom/)
https://www.reddit.com/r/programming/comments/1qivu6e/i_built_a_new_type_of_erasure_code_using_bloom/
submitted by /u/chainless-coder (https://www.reddit.com/user/chainless-coder)
[link] (https://lumramabaja.com/posts/let-it-bloom-the-seeds-of-information-chaining-part-1/) [comments] (https://www.reddit.com/r/programming/comments/1qivu6e/i_built_a_new_type_of_erasure_code_using_bloom/)
The Sidecar Siphon: Exploiting Identity Leaks in Service Mesh Architectures
https://www.reddit.com/r/programming/comments/1qiwfxq/the_sidecar_siphon_exploiting_identity_leaks_in/
submitted by /u/JadeLuxe (https://www.reddit.com/user/JadeLuxe)
[link] (https://instatunnel.my/blog/the-sidecar-siphon-exploiting-identity-leaks-in-service-mesh-architectures) [comments] (https://www.reddit.com/r/programming/comments/1qiwfxq/the_sidecar_siphon_exploiting_identity_leaks_in/)
https://www.reddit.com/r/programming/comments/1qiwfxq/the_sidecar_siphon_exploiting_identity_leaks_in/
submitted by /u/JadeLuxe (https://www.reddit.com/user/JadeLuxe)
[link] (https://instatunnel.my/blog/the-sidecar-siphon-exploiting-identity-leaks-in-service-mesh-architectures) [comments] (https://www.reddit.com/r/programming/comments/1qiwfxq/the_sidecar_siphon_exploiting_identity_leaks_in/)
Two Catastrophic Failures Caused by "Obvious" Assumptions
https://www.reddit.com/r/programming/comments/1qj00yq/two_catastrophic_failures_caused_by_obvious/
<!-- SC_OFF -->Both incidents involve smart people doing reasonable things and systems behaving exactly as designed. Mars Climate Orbiter (1999): lost because one team used Imperial units and the other used Metric. Citibank $500M error (2020): a routine interest payment turned into a principal transfer due to ambiguous UI labels. The problem wasn’t complexity but "meaning" that existed only in people’s heads. This is a breakdown of how assumptions turn into catastrophic technical debt. <!-- SC_ON --> submitted by /u/Vast-Drawing-98 (https://www.reddit.com/user/Vast-Drawing-98)
[link] (https://open.substack.com/pub/alexanderfashakin/p/make-it-make-sense-nobody-clicked-the-wrong-button?utm_campaign=post-expanded-share&utm_medium=web) [comments] (https://www.reddit.com/r/programming/comments/1qj00yq/two_catastrophic_failures_caused_by_obvious/)
https://www.reddit.com/r/programming/comments/1qj00yq/two_catastrophic_failures_caused_by_obvious/
<!-- SC_OFF -->Both incidents involve smart people doing reasonable things and systems behaving exactly as designed. Mars Climate Orbiter (1999): lost because one team used Imperial units and the other used Metric. Citibank $500M error (2020): a routine interest payment turned into a principal transfer due to ambiguous UI labels. The problem wasn’t complexity but "meaning" that existed only in people’s heads. This is a breakdown of how assumptions turn into catastrophic technical debt. <!-- SC_ON --> submitted by /u/Vast-Drawing-98 (https://www.reddit.com/user/Vast-Drawing-98)
[link] (https://open.substack.com/pub/alexanderfashakin/p/make-it-make-sense-nobody-clicked-the-wrong-button?utm_campaign=post-expanded-share&utm_medium=web) [comments] (https://www.reddit.com/r/programming/comments/1qj00yq/two_catastrophic_failures_caused_by_obvious/)
Making an LSP for great good
https://www.reddit.com/r/programming/comments/1qj0d6y/making_an_lsp_for_great_good/
<!-- SC_OFF -->You can see the LSP working live in the playground (https://thunderseethe.dev/making-a-language) <!-- SC_ON --> submitted by /u/thunderseethe (https://www.reddit.com/user/thunderseethe)
[link] (https://thunderseethe.dev/posts/lsp-base/) [comments] (https://www.reddit.com/r/programming/comments/1qj0d6y/making_an_lsp_for_great_good/)
https://www.reddit.com/r/programming/comments/1qj0d6y/making_an_lsp_for_great_good/
<!-- SC_OFF -->You can see the LSP working live in the playground (https://thunderseethe.dev/making-a-language) <!-- SC_ON --> submitted by /u/thunderseethe (https://www.reddit.com/user/thunderseethe)
[link] (https://thunderseethe.dev/posts/lsp-base/) [comments] (https://www.reddit.com/r/programming/comments/1qj0d6y/making_an_lsp_for_great_good/)
Antithesis - The Deterministic Computer
https://www.reddit.com/r/programming/comments/1qj0ujc/antithesis_the_deterministic_computer/
submitted by /u/Tybug2 (https://www.reddit.com/user/Tybug2)
[link] (https://mack.work/blog/antithesis) [comments] (https://www.reddit.com/r/programming/comments/1qj0ujc/antithesis_the_deterministic_computer/)
https://www.reddit.com/r/programming/comments/1qj0ujc/antithesis_the_deterministic_computer/
submitted by /u/Tybug2 (https://www.reddit.com/user/Tybug2)
[link] (https://mack.work/blog/antithesis) [comments] (https://www.reddit.com/r/programming/comments/1qj0ujc/antithesis_the_deterministic_computer/)
Five Mistakes I've Made with Euler Angles
https://www.reddit.com/r/programming/comments/1qj5loa/five_mistakes_ive_made_with_euler_angles/
submitted by /u/boscillator (https://www.reddit.com/user/boscillator)
[link] (https://buchanan.one/blog/rotations/) [comments] (https://www.reddit.com/r/programming/comments/1qj5loa/five_mistakes_ive_made_with_euler_angles/)
https://www.reddit.com/r/programming/comments/1qj5loa/five_mistakes_ive_made_with_euler_angles/
submitted by /u/boscillator (https://www.reddit.com/user/boscillator)
[link] (https://buchanan.one/blog/rotations/) [comments] (https://www.reddit.com/r/programming/comments/1qj5loa/five_mistakes_ive_made_with_euler_angles/)
Rollout of AI may need to be slowed to ‘save society’, says JP Morgan boss | Davos 2026
https://www.reddit.com/r/programming/comments/1qj910p/rollout_of_ai_may_need_to_be_slowed_to_save/
submitted by /u/Numerous-Trust7439 (https://www.reddit.com/user/Numerous-Trust7439)
[link] (https://www.theguardian.com/technology/2026/jan/21/rollout-ai-slowed-save-society-jp-morgan-jamie-dimon-jensen-huang) [comments] (https://www.reddit.com/r/programming/comments/1qj910p/rollout_of_ai_may_need_to_be_slowed_to_save/)
https://www.reddit.com/r/programming/comments/1qj910p/rollout_of_ai_may_need_to_be_slowed_to_save/
submitted by /u/Numerous-Trust7439 (https://www.reddit.com/user/Numerous-Trust7439)
[link] (https://www.theguardian.com/technology/2026/jan/21/rollout-ai-slowed-save-society-jp-morgan-jamie-dimon-jensen-huang) [comments] (https://www.reddit.com/r/programming/comments/1qj910p/rollout_of_ai_may_need_to_be_slowed_to_save/)
Using KadePy (Python) to communicate with Node.js via Hyperswarm — best practices?
https://www.reddit.com/r/programming/comments/1qjgwt2/using_kadepy_python_to_communicate_with_nodejs/
<!-- SC_OFF -->Hey everyone, I recently released KadePy, a Python library inspired by Hyperswarm, with the goal of enabling P2P communication between Python and Node.js using the same swarm/discovery concepts. I've been experimenting with a setup since: Python uses KadePy Node.js uses Hyperswarm Both enter the same thread and exchange binary messages/streams2 So far, it's a function for basic messages, but I'd like to receive feedback from people with more experiences with: Hyperswarm Internal Operation P2 P Networks Communication between runtime environments (Python ↔ Node.js) Something questions: Are there any issues encountered when confusing Python-based peers with Hyperswarm peers in Node.js? Anything recommended for message inquiries, handshakes, or broadcast protocols? Do anyone have performance or security issues with a C extension approach to CPython? Would it make sense to completely mirror a Hyperswarm API or maintain a more Pythonic abstraction? For those curious, the project is open source and still in its early stages. I'd greatly appreciate any feedback, criticism, or ideas from the community. Thank you! <!-- SC_ON --> submitted by /u/Shoddy_Use_473 (https://www.reddit.com/user/Shoddy_Use_473)
[link] (https://github.com/on00dev/KadePy.git) [comments] (https://www.reddit.com/r/programming/comments/1qjgwt2/using_kadepy_python_to_communicate_with_nodejs/)
https://www.reddit.com/r/programming/comments/1qjgwt2/using_kadepy_python_to_communicate_with_nodejs/
<!-- SC_OFF -->Hey everyone, I recently released KadePy, a Python library inspired by Hyperswarm, with the goal of enabling P2P communication between Python and Node.js using the same swarm/discovery concepts. I've been experimenting with a setup since: Python uses KadePy Node.js uses Hyperswarm Both enter the same thread and exchange binary messages/streams2 So far, it's a function for basic messages, but I'd like to receive feedback from people with more experiences with: Hyperswarm Internal Operation P2 P Networks Communication between runtime environments (Python ↔ Node.js) Something questions: Are there any issues encountered when confusing Python-based peers with Hyperswarm peers in Node.js? Anything recommended for message inquiries, handshakes, or broadcast protocols? Do anyone have performance or security issues with a C extension approach to CPython? Would it make sense to completely mirror a Hyperswarm API or maintain a more Pythonic abstraction? For those curious, the project is open source and still in its early stages. I'd greatly appreciate any feedback, criticism, or ideas from the community. Thank you! <!-- SC_ON --> submitted by /u/Shoddy_Use_473 (https://www.reddit.com/user/Shoddy_Use_473)
[link] (https://github.com/on00dev/KadePy.git) [comments] (https://www.reddit.com/r/programming/comments/1qjgwt2/using_kadepy_python_to_communicate_with_nodejs/)
Do not fall for complex technology
https://www.reddit.com/r/programming/comments/1qjs5rf/do_not_fall_for_complex_technology/
submitted by /u/f311a (https://www.reddit.com/user/f311a)
[link] (https://rushter.com/blog/complex-tech/) [comments] (https://www.reddit.com/r/programming/comments/1qjs5rf/do_not_fall_for_complex_technology/)
https://www.reddit.com/r/programming/comments/1qjs5rf/do_not_fall_for_complex_technology/
submitted by /u/f311a (https://www.reddit.com/user/f311a)
[link] (https://rushter.com/blog/complex-tech/) [comments] (https://www.reddit.com/r/programming/comments/1qjs5rf/do_not_fall_for_complex_technology/)
Why I Still Write Code as an Engineering Manager
https://www.reddit.com/r/programming/comments/1qjy33v/why_i_still_write_code_as_an_engineering_manager/
submitted by /u/Acceptable-Courage-9 (https://www.reddit.com/user/Acceptable-Courage-9)
[link] (https://terriblesoftware.org/2026/01/22/why-i-still-write-code-as-an-engineering-manager/) [comments] (https://www.reddit.com/r/programming/comments/1qjy33v/why_i_still_write_code_as_an_engineering_manager/)
https://www.reddit.com/r/programming/comments/1qjy33v/why_i_still_write_code_as_an_engineering_manager/
submitted by /u/Acceptable-Courage-9 (https://www.reddit.com/user/Acceptable-Courage-9)
[link] (https://terriblesoftware.org/2026/01/22/why-i-still-write-code-as-an-engineering-manager/) [comments] (https://www.reddit.com/r/programming/comments/1qjy33v/why_i_still_write_code_as_an_engineering_manager/)
Announcing winapp, the Windows App Development CLI
https://www.reddit.com/r/programming/comments/1qk0vip/announcing_winapp_the_windows_app_development_cli/
submitted by /u/_AACO (https://www.reddit.com/user/_AACO)
[link] (https://blogs.windows.com/windowsdeveloper/2026/01/22/announcing-winapp-the-windows-app-development-cli/) [comments] (https://www.reddit.com/r/programming/comments/1qk0vip/announcing_winapp_the_windows_app_development_cli/)
https://www.reddit.com/r/programming/comments/1qk0vip/announcing_winapp_the_windows_app_development_cli/
submitted by /u/_AACO (https://www.reddit.com/user/_AACO)
[link] (https://blogs.windows.com/windowsdeveloper/2026/01/22/announcing-winapp-the-windows-app-development-cli/) [comments] (https://www.reddit.com/r/programming/comments/1qk0vip/announcing_winapp_the_windows_app_development_cli/)
Your Microservices architecture is failing because your Product Topology is a mess
https://www.reddit.com/r/programming/comments/1qk32sr/your_microservices_architecture_is_failing/
submitted by /u/ArtisticProgrammer11 (https://www.reddit.com/user/ArtisticProgrammer11)
[link] (https://www.hyperact.co.uk/blog/product-topology) [comments] (https://www.reddit.com/r/programming/comments/1qk32sr/your_microservices_architecture_is_failing/)
https://www.reddit.com/r/programming/comments/1qk32sr/your_microservices_architecture_is_failing/
submitted by /u/ArtisticProgrammer11 (https://www.reddit.com/user/ArtisticProgrammer11)
[link] (https://www.hyperact.co.uk/blog/product-topology) [comments] (https://www.reddit.com/r/programming/comments/1qk32sr/your_microservices_architecture_is_failing/)
Tree-sitter vs. LSP
https://www.reddit.com/r/programming/comments/1qk6gvw/treesitter_vs_lsp/
submitted by /u/brightlystar (https://www.reddit.com/user/brightlystar)
[link] (https://lambdaland.org/posts/2026-01-21_tree-sitter_vs_lsp/) [comments] (https://www.reddit.com/r/programming/comments/1qk6gvw/treesitter_vs_lsp/)
https://www.reddit.com/r/programming/comments/1qk6gvw/treesitter_vs_lsp/
submitted by /u/brightlystar (https://www.reddit.com/user/brightlystar)
[link] (https://lambdaland.org/posts/2026-01-21_tree-sitter_vs_lsp/) [comments] (https://www.reddit.com/r/programming/comments/1qk6gvw/treesitter_vs_lsp/)
So, why *should* GNOME support server side decorations?
https://www.reddit.com/r/programming/comments/1qk6o0i/so_why_should_gnome_support_server_side/
submitted by /u/symbolicard (https://www.reddit.com/user/symbolicard)
[link] (https://blister.zip/posts/gnome-ssd/) [comments] (https://www.reddit.com/r/programming/comments/1qk6o0i/so_why_should_gnome_support_server_side/)
https://www.reddit.com/r/programming/comments/1qk6o0i/so_why_should_gnome_support_server_side/
submitted by /u/symbolicard (https://www.reddit.com/user/symbolicard)
[link] (https://blister.zip/posts/gnome-ssd/) [comments] (https://www.reddit.com/r/programming/comments/1qk6o0i/so_why_should_gnome_support_server_side/)
The Markdown Exfiltrator: Turning AI Rendering into a Data-Stealing Tool
https://www.reddit.com/r/programming/comments/1qkp1bt/the_markdown_exfiltrator_turning_ai_rendering/
submitted by /u/JadeLuxe (https://www.reddit.com/user/JadeLuxe)
[link] (https://instatunnel.my/blog/the-markdown-exfiltrator-turning-ai-rendering-into-a-data-stealing-tool) [comments] (https://www.reddit.com/r/programming/comments/1qkp1bt/the_markdown_exfiltrator_turning_ai_rendering/)
https://www.reddit.com/r/programming/comments/1qkp1bt/the_markdown_exfiltrator_turning_ai_rendering/
submitted by /u/JadeLuxe (https://www.reddit.com/user/JadeLuxe)
[link] (https://instatunnel.my/blog/the-markdown-exfiltrator-turning-ai-rendering-into-a-data-stealing-tool) [comments] (https://www.reddit.com/r/programming/comments/1qkp1bt/the_markdown_exfiltrator_turning_ai_rendering/)
Improving the usability of C libraries in Swift
https://www.reddit.com/r/programming/comments/1qkpf5z/improving_the_usability_of_c_libraries_in_swift/
submitted by /u/TheTwelveYearOld (https://www.reddit.com/user/TheTwelveYearOld)
[link] (https://www.swift.org/blog/improving-usability-of-c-libraries-in-swift/) [comments] (https://www.reddit.com/r/programming/comments/1qkpf5z/improving_the_usability_of_c_libraries_in_swift/)
https://www.reddit.com/r/programming/comments/1qkpf5z/improving_the_usability_of_c_libraries_in_swift/
submitted by /u/TheTwelveYearOld (https://www.reddit.com/user/TheTwelveYearOld)
[link] (https://www.swift.org/blog/improving-usability-of-c-libraries-in-swift/) [comments] (https://www.reddit.com/r/programming/comments/1qkpf5z/improving_the_usability_of_c_libraries_in_swift/)
The Cscript Style Guide - A valid but opinionated subset of C.
https://www.reddit.com/r/programming/comments/1qksakp/the_cscript_style_guide_a_valid_but_opinionated/
submitted by /u/domenukk (https://www.reddit.com/user/domenukk)
[link] (https://github.com/domenukk/CScript) [comments] (https://www.reddit.com/r/programming/comments/1qksakp/the_cscript_style_guide_a_valid_but_opinionated/)
https://www.reddit.com/r/programming/comments/1qksakp/the_cscript_style_guide_a_valid_but_opinionated/
submitted by /u/domenukk (https://www.reddit.com/user/domenukk)
[link] (https://github.com/domenukk/CScript) [comments] (https://www.reddit.com/r/programming/comments/1qksakp/the_cscript_style_guide_a_valid_but_opinionated/)
AI Usage Policy
https://www.reddit.com/r/programming/comments/1qkset2/ai_usage_policy/
submitted by /u/iamkeyur (https://www.reddit.com/user/iamkeyur)
[link] (https://github.com/ghostty-org/ghostty/blob/main/AI_POLICY.md) [comments] (https://www.reddit.com/r/programming/comments/1qkset2/ai_usage_policy/)
https://www.reddit.com/r/programming/comments/1qkset2/ai_usage_policy/
submitted by /u/iamkeyur (https://www.reddit.com/user/iamkeyur)
[link] (https://github.com/ghostty-org/ghostty/blob/main/AI_POLICY.md) [comments] (https://www.reddit.com/r/programming/comments/1qkset2/ai_usage_policy/)
Why does SSH send 100 packets per keystroke?
https://www.reddit.com/r/programming/comments/1qksfgi/why_does_ssh_send_100_packets_per_keystroke/
submitted by /u/iamkeyur (https://www.reddit.com/user/iamkeyur)
[link] (https://eieio.games/blog/ssh-sends-100-packets-per-keystroke/) [comments] (https://www.reddit.com/r/programming/comments/1qksfgi/why_does_ssh_send_100_packets_per_keystroke/)
https://www.reddit.com/r/programming/comments/1qksfgi/why_does_ssh_send_100_packets_per_keystroke/
submitted by /u/iamkeyur (https://www.reddit.com/user/iamkeyur)
[link] (https://eieio.games/blog/ssh-sends-100-packets-per-keystroke/) [comments] (https://www.reddit.com/r/programming/comments/1qksfgi/why_does_ssh_send_100_packets_per_keystroke/)
Scaling PostgreSQL to power 800 million ChatGPT users - OpenAI Engineering Blog
https://www.reddit.com/r/programming/comments/1qkwhb0/scaling_postgresql_to_power_800_million_chatgpt/
submitted by /u/vladmihalceacom (https://www.reddit.com/user/vladmihalceacom)
[link] (https://openai.com/index/scaling-postgresql/) [comments] (https://www.reddit.com/r/programming/comments/1qkwhb0/scaling_postgresql_to_power_800_million_chatgpt/)
https://www.reddit.com/r/programming/comments/1qkwhb0/scaling_postgresql_to_power_800_million_chatgpt/
submitted by /u/vladmihalceacom (https://www.reddit.com/user/vladmihalceacom)
[link] (https://openai.com/index/scaling-postgresql/) [comments] (https://www.reddit.com/r/programming/comments/1qkwhb0/scaling_postgresql_to_power_800_million_chatgpt/)
Malicious PyPI Packages spellcheckpy and spellcheckerpy Deliver Python RAT
https://www.reddit.com/r/programming/comments/1qkwrks/malicious_pypi_packages_spellcheckpy_and/
<!-- SC_OFF -->Please forgive my "Shell-check" dad joke it was too easy, had to be done. At Aikido Security we just found two malicious PyPI packages, spellcheckpy and spellcheckerpy, impersonating the legit pyspellchecker… and the malware authors got pretty creative. Instead of the usual suspects (postinstall scripts, suspicious __init__.py), they buried the payload inside: 📦 resources/eu.json.gz …a file that normally contains Basque word frequencies in the real package. And the extraction function in utils.py looks totally harmless: def test_file(filepath: PathOrStr, encoding: str, index: str): filepath = f"{os.path.join(os.path.dirname(__file__), 'resources')}/{filepath}.json.gz" with gzip.open(filepath, "rt", encoding=encoding) as f: data = json.loads(f.read()) return data[index] Nothing screams “RAT” here, right? But when called like this: test_file("eu", "utf-8", "spellchecker") …it doesn’t return word frequencies. It returns a base64-encoded downloader hidden inside the dictionary entries under the key spellchecker. That downloader then pulls down a Python RAT — turning an innocent spelling helper into code that can: - Execute arbitrary commands remotely
- Read files on disk
- Grab system info or screenshots
- …and generally turn your machine into their machine So yeah… you weren’t fixing typos — you were installing a tiny remote employee with zero onboarding and full permissions. We reported both packages to PyPI, and they’ve now been removed.
(Shoutout to the PyPI team for moving fast.) Checkout the full article here -> https://www.aikido.dev/blog/malicious-pypi-packages-spellcheckpy-and-spellcheckerpy-deliver-python-rat <!-- SC_ON --> submitted by /u/Advocatemack (https://www.reddit.com/user/Advocatemack)
[link] (https://www.aikido.dev/blog/malicious-pypi-packages-spellcheckpy-and-spellcheckerpy-deliver-python-rat) [comments] (https://www.reddit.com/r/programming/comments/1qkwrks/malicious_pypi_packages_spellcheckpy_and/)
https://www.reddit.com/r/programming/comments/1qkwrks/malicious_pypi_packages_spellcheckpy_and/
<!-- SC_OFF -->Please forgive my "Shell-check" dad joke it was too easy, had to be done. At Aikido Security we just found two malicious PyPI packages, spellcheckpy and spellcheckerpy, impersonating the legit pyspellchecker… and the malware authors got pretty creative. Instead of the usual suspects (postinstall scripts, suspicious __init__.py), they buried the payload inside: 📦 resources/eu.json.gz …a file that normally contains Basque word frequencies in the real package. And the extraction function in utils.py looks totally harmless: def test_file(filepath: PathOrStr, encoding: str, index: str): filepath = f"{os.path.join(os.path.dirname(__file__), 'resources')}/{filepath}.json.gz" with gzip.open(filepath, "rt", encoding=encoding) as f: data = json.loads(f.read()) return data[index] Nothing screams “RAT” here, right? But when called like this: test_file("eu", "utf-8", "spellchecker") …it doesn’t return word frequencies. It returns a base64-encoded downloader hidden inside the dictionary entries under the key spellchecker. That downloader then pulls down a Python RAT — turning an innocent spelling helper into code that can: - Execute arbitrary commands remotely
- Read files on disk
- Grab system info or screenshots
- …and generally turn your machine into their machine So yeah… you weren’t fixing typos — you were installing a tiny remote employee with zero onboarding and full permissions. We reported both packages to PyPI, and they’ve now been removed.
(Shoutout to the PyPI team for moving fast.) Checkout the full article here -> https://www.aikido.dev/blog/malicious-pypi-packages-spellcheckpy-and-spellcheckerpy-deliver-python-rat <!-- SC_ON --> submitted by /u/Advocatemack (https://www.reddit.com/user/Advocatemack)
[link] (https://www.aikido.dev/blog/malicious-pypi-packages-spellcheckpy-and-spellcheckerpy-deliver-python-rat) [comments] (https://www.reddit.com/r/programming/comments/1qkwrks/malicious_pypi_packages_spellcheckpy_and/)