VeraCrypt blocked by code-signing & Anthropic Glasswing AI security push - Hacker News (Apr 8, 2026)
VeraCrypt Windows updates stall after Microsoft ends code-signing access, plus AI-driven vuln hunting, Git-risk shortcuts, Artemis II Moon images, and more.
Our Sponsors
Today's Hacker News Topics
-
VeraCrypt blocked by code-signing
— VeraCrypt maintainer Mounir Idrassi says Microsoft terminated his long-used Windows driver signing account with no warning or appeal, freezing Windows releases. Keywords: VeraCrypt, code signing, Windows drivers, Secure Boot, supply chain trust. -
Anthropic Glasswing AI security push
— Anthropic’s Project Glasswing uses an unreleased Claude Mythos 2 Preview model with partners to find and help patch high-severity vulnerabilities faster than most humans. Keywords: AI security, zero-days, vulnerability research, critical infrastructure, disclosure. -
Read Git history before code
— A developer argues the fastest way to assess a new codebase is to start with Git history to spot churn, ownership concentration, bug hotspots, and risky revert patterns. Keywords: Git, churn, hotspots, maintainability, engineering risk. -
Markdown notes as context graph
— A plain Markdown knowledge base with Obsidian-style links can behave like a lightweight graph database that improves AI outputs by preserving project decisions and context. Keywords: knowledge base, Markdown, wikilinks, context engineering, LLM. -
Side projects fuel engineering growth
— An essay connects enterprise “skyscraper” engineering discipline with “shed” side projects, arguing personal building time prevents burnout and sharpens judgment. Keywords: side projects, burnout, systems thinking, experimentation, career. -
Open-source agent shifts ownership
— Mario Zechner moved the open-source coding agent ‘pi’ under Earendil, keeping an MIT core while signaling potential paid or proprietary add-ons. Keywords: open source, governance, licensing, MIT, sustainability. -
DIY robot vacuum learns poorly
— Two roommates built a low-cost robot vacuum and trained a behavior-cloned CNN, but real-world navigation stayed inconsistent—highlighting how data quality beats model tweaks. Keywords: robotics, behavior cloning, dataset quality, autonomy, edge cases. -
Music-reactive LEDs meet mel scale
— A decade-long open-source LED music visualizer improved by mapping audio to the mel scale, making limited LED strips feel more ‘musical’ to humans. Keywords: DSP, mel scale, visualization, perception, LEDs. -
Revision 2026 demoscene highlights
— A full recording of Revision 2026’s PC Demo compo preserves the demoscene’s latest real-time graphics craft and a much-discussed finale for wider viewing. Keywords: demoscene, real-time rendering, PC demo, archive, creative coding. -
Artemis II far-side Moon photos
— NASA released Artemis II lunar flyby images, including a striking in-space solar eclipse and far-side views, underscoring Orion’s crewed deep-space readiness. Keywords: NASA, Artemis II, Orion, Moon far side, eclipse imagery.
Sources & Hacker News References
- → Five Git History Checks to Spot Codebase Risk Before Reading the Code
- → VeraCrypt Developer Says Microsoft Terminated Signing Account, Blocking Windows Releases
- → Mario Zechner Joins Earendil and Transfers pi Coding Agent Project
- → Revision 2026 PC Demo Compo Video Archives Full Competition Lineup
- → Anthropic Launches Project Glasswing to Use Frontier AI for Defensive Software Security
- → How a Markdown Vault and Wikilinks Turn Your File System into a Graph Knowledge Base
- → NASA Releases First Artemis II Photos From Lunar Flyby, Including In-Space Eclipse
- → DIY Robot Vacuum Project Struggles with Behavior-Cloning Navigation Reliability
- → Why Building a Good Audio-Reactive LED Strip Requires Perceptual Audio and Lighting Models
- → Dylan Butler’s Case for Protecting Personal Side Projects in Software Engineering
Full Episode Transcript: VeraCrypt blocked by code-signing & Anthropic Glasswing AI security push
A major open-source security tool may be unable to ship Windows updates—not because of a bug, but because a critical code-signing account was suddenly shut off with no clear path to appeal. Welcome to The Automated Daily, hacker news edition. The podcast created by generative AI. I’m TrendTeller, and today is april-8th-2026. Let’s get into what’s moving fast, what’s breaking, and what that means for builders.
VeraCrypt blocked by code-signing
Let’s start with VeraCrypt. Its developer, Mounir Idrassi, says he’s been knocked off course for months, and the biggest reason is blunt: Microsoft terminated the account he used to sign Windows drivers and the bootloader. No warning, no explanation, and—according to him—no appeal. That’s not just an admin headache; it effectively blocks shipping new signed Windows builds, and Windows is where most VeraCrypt users are. The bigger takeaway is how fragile critical open-source infrastructure can be when distribution depends on a single vendor-controlled trust gate. Even if the code is fine, the ability to deliver updates can disappear overnight.
Anthropic Glasswing AI security push
Staying in security, Anthropic announced Project Glasswing, a partnership program that uses an unreleased model—Claude Mythos 2 Preview—to hunt vulnerabilities in critical software. Anthropic claims the model is already turning up large numbers of high-severity issues across things like operating systems and widely used components, and they’re emphasizing delayed disclosure so fixes land before details go public. Why this matters: the cost of finding serious bugs is dropping, and the speed is going up—meaning defenders need to scale their response just to keep pace. Whether or not every claim holds up under scrutiny, the direction is clear: AI is accelerating both discovery and exploitation, and “secure by default” is no longer a slogan—it’s survival.
Read Git history before code
On the engineering-practice side, there’s a sharp suggestion for anyone onboarding to a new codebase: start with Git history before you even open files. The idea is to use commit patterns as a quick risk map—high-churn areas that keep changing, places where fixes cluster, and sections with concentrated ownership where one person carries the context. You’re not trying to learn everything from commits; you’re trying to figure out where the codebase is fragile, where delivery is chaotic, and where questions will cost you the most time. It’s a pragmatic reminder that software has a social history, and the repo already tells you who’s been firefighting.
Markdown notes as context graph
That theme—context as leverage—also showed up in a piece arguing that a personal knowledge base made of plain Markdown notes and simple wikilinks is basically a graph database you can carry around. The pitch isn’t “make a prettier wiki.” It’s “make better inputs” for future work, especially when you’re asking an AI assistant to draft a design doc, a handoff, or a recap. When notes are linked by people and projects, you stop relying on vague memory and start pulling in the actual trail of decisions. The unresolved hard part is still the boring one: consistently processing the inbox of stuff you capture so it doesn’t become a junk drawer.
Side projects fuel engineering growth
Another essay drew a clean line between big-company engineering and side projects—and then argued they’re not opposites at all. At work, you learn to build like a skyscraper: reviews, tests, and careful changes because failures are expensive. At home, you build like a shed: fast experiments, low stakes, and the freedom to try weird tools. The point is that each reinforces the other. Personal tinkering keeps curiosity alive and prevents you from becoming “just a ticket closer,” while professional discipline can gradually upgrade your hobby code from a pile of hacks into something resilient. It’s a quiet career strategy: protect your ability to build for yourself.
Open-source agent shifts ownership
In open-source governance news, Mario Zechner announced he’s bringing his coding agent project, pi, under a company umbrella—Earendil—while keeping the core MIT-licensed. The headline here isn’t a feature release; it’s expectations. Ownership moves, trademarks and repos shift, and the project’s future may include paid features or proprietary components alongside an open core. For users and contributors, these transitions can be either stabilizing or disruptive, depending on how transparent the roadmap stays and how well the community’s trust is handled. Sustainability is real—but so is the risk of a project’s center of gravity changing.
DIY robot vacuum learns poorly
On the DIY AI front, two roommates tried building a low-cost robot vacuum and trained it with behavior cloning—basically teaching by example from recorded teleoperation. The result worked, but not reliably: oscillations, random reverses, and occasional confidence in the wrong direction. Their takeaway is familiar to anyone who’s shipped ML into the physical world: model tweaks can’t rescue messy demonstrations and ambiguous training signals. Robotics is where “it kinda works” can still be frustrating, because your mistakes bump into furniture.
Music-reactive LEDs meet mel scale
For makers who want tech that feels good—not just accurate—there’s a long-running open-source LED music visualizer story that landed on a surprisingly human insight. With so few LEDs, you can’t afford a display that technically reflects the spectrum but looks meaningless. The author’s breakthrough was mapping sound using the mel scale, which better matches how people perceive pitch and musical change. The larger lesson is that perception is part of the spec. If your output is for humans, the right transformation is often the one that matches what we notice, not what the raw data says.
Revision 2026 demoscene highlights
On the creative computing side, a full recording of Revision 2026’s PC Demo competition went up, preserving the live screening and commentary. Even if you’re not deep in the demoscene, these archives are valuable: they’re a time capsule of what real-time graphics and audiovisual synchronization look like when they’re pushed as art, not product. And as always with demoparties, the conversation isn’t just “how did they do it,” but “what did it feel like,” especially when a finale lands as a shared cultural moment for the community.
Artemis II far-side Moon photos
And finally, space: NASA released the first images from the Artemis II crew’s lunar flyby, including far-side views and a striking in-space solar eclipse—where the Moon is backlit and you still see faint surface detail from Earthlight. Beyond the beauty shots, this is a signal that Orion and crewed deep-space operations are getting real-world validation. Artemis II is fundamentally a test mission, and these releases are the public-facing proof that the mission is executing the kind of navigation, imaging, and operations you need before attempting the next steps toward sustained lunar presence.
That’s the rundown for april-8th-2026. If there’s a single thread today, it’s that the hard parts aren’t always technical—sometimes they’re trust, context, and the systems around the code. Links to all stories can be found in the episode notes. Thanks for listening—until next time.