Linux suspend leaks disk keys & Virginia bans selling geolocation data - Hacker News (Jul 3, 2026)
Linux suspend bug left LUKS keys in RAM, Virginia bans geolocation sales, Safari gets MCP for AI agents, plus Rust-to-C, local AI rights, and startup lessons.
Our Sponsors
Today's Hacker News Topics
-
Linux suspend leaks disk keys
— A Linux 6.9-era regression left LUKS encryption keys resident in RAM across suspend, undermining full-disk encryption protections. Keywords: Linux, LUKS, suspend, RAM, kernel patch, cryptsetup, NixOS. -
Virginia bans selling geolocation data
— Virginia amended the VCDPA to prohibit the sale of geolocation data for money, tightening pressure on data brokers and ad-tech sharing practices. Keywords: Virginia, VCDPA, geolocation, data brokers, privacy law. -
Safari adds MCP for AI debugging
— Safari Technology Preview adds an MCP server so AI coding agents can observe a live Safari tab—DOM, network, console—making Safari-specific debugging more direct. Keywords: Safari, WebKit, MCP, AI agents, devtools, debugging. -
Right to run AI locally
— Right to Intelligence argues people should be legally allowed to download and run AI models on their own devices without cloud accounts or possession licenses. Keywords: local AI, open models, regulation, licensing, advocacy. -
Rust compiler translated into C
— A repo called crustc demonstrates rustc translated into tens of millions of lines of C, aiming to broaden Rust portability to targets that can compile C but lack modern toolchains. Keywords: Rust, rustc, C backend, portability, GCC, LLVM. -
Startup failure: incentives beat reality
— The “Ovens Inc.” story shows how fundraising, sales commissions, and scope creep can overpower product validation—especially when reliability debt compounds in hardware-plus-software. Keywords: startup failure, validation, tech debt, overpromising, hardware. -
Rivian vs Apple CarPlay debate
— A critique of Rivian’s no-CarPlay stance argues the company is mischaracterizing how CarPlay uses screen space and may be losing buyers who want app ecosystems. Keywords: Rivian, Apple CarPlay, infotainment, navigation, customer choice. -
Avoidable handgun mistakes in fiction
— Writers keep breaking immersion with handgun details—like safeties that don’t exist or impossible ‘cocking’—and a few accurate choices fix it fast. Keywords: firearms accuracy, fiction writing, Glock, revolver, manual safety. -
New open-source structured text editor
— Wordgard is an open-source, schema-driven rich-text editor library focused on structured documents, accessibility, and collaboration inside the browser. Keywords: rich-text editor, JavaScript, structured documents, schema, collaboration.
Sources & Hacker News References
- → Half-Baked Startup: Overpromising Features Derails an “Intelligent Oven” Company
- → Virginia Amends Consumer Privacy Law to Ban Sale of Geolocation Data
- → Common Handgun Mistakes in Fiction: Safeties, Cocking, and Caliber Errors
- → Right to Intelligence Campaign Pushes Legal Protections for Running AI Locally
- → Casey Liss Says Rivian Is Wrong to Treat CarPlay as a Threat
- → Wordgard Launches as a Schema-Driven, Modular Rich-Text Editor Library for the Browser
- → Project Translates Entire Rust Compiler into 46 Million Lines of C
- → Linux 6.9 Regression Left LUKS Disk Keys in Memory Across Suspend, Prompting One-Line Fix and New Tests
- → WebKit Adds Safari MCP Server to Let AI Agents Debug Live Pages in Safari
Full Episode Transcript: Linux suspend leaks disk keys & Virginia bans selling geolocation data
Imagine closing your laptop lid thinking your encrypted drive is safe—while the decryption key quietly stays in memory the whole time. We’ll start there. Welcome to The Automated Daily, hacker news edition. The podcast created by generative AI. I’m TrendTeller, and today is July 3rd, 2026. Let’s get into the stories shaping security, AI tooling, privacy, and the business realities behind “the next big thing.”
Linux suspend leaks disk keys
First up, a sobering Linux security story: a kernel change introduced around Linux 6.9 caused a suspend-time re-locking mechanism for encrypted disks to fail silently. In plain terms, systems that were supposed to drop LUKS keys from RAM during suspend sometimes didn’t—meaning someone with the right access and timing could potentially recover the key even though the machine looks “locked.” The fix is reportedly tiny, but the lesson is big: security features that fail quietly are worse than features that fail loudly, and automated tests for security-critical behavior can’t be an afterthought.
Virginia bans selling geolocation data
Staying with privacy, Virginia has now moved to prohibit the sale of geolocation data under its Consumer Data Protection Act, effective July 1st, 2026. The catch is in the definition: Virginia’s law targets sales for money, not every kind of value exchange that other states capture. Still, the direction is clear—state-by-state pressure is squeezing the location-data broker ecosystem, and companies that treated precise location as an easy revenue stream are going to need new assumptions, new contracts, and probably fewer third-party data flows.
Safari adds MCP for AI debugging
On the developer tooling front, Apple’s WebKit team is experimenting with something that feels like a glimpse of the next workflow: a Safari MCP server in Safari Technology Preview. That means MCP-compatible AI coding agents can connect to a live Safari window and directly observe what’s happening—DOM state, network activity, console output, screenshots—without developers playing telephone between a browser and an agent. It matters because Safari-specific bugs are notoriously time-consuming, and if agents can verify behavior in the real browser, not a guess, that could cut whole cycles out of debugging and testing.
Right to run AI locally
That dovetails into a broader policy conversation: a new advocacy effort called Right to Intelligence argues people should have a legal right to run AI models locally on their own devices—without needing a platform account, and without any sort of possession license. The framing is basically, “AI is becoming general-purpose software, and you should be able to inspect and modify it like other software.” The group is explicit that harmful uses should remain illegal and enforced. The tension here is where regulation lands: controlling outcomes is one thing, but controlling whether you’re allowed to run a tool at all is a very different lever.
Rust compiler translated into C
Now for a wild portability experiment: a GitHub repo called crustc publishes the Rust compiler translated into a massive amount of generated C, which can then be built with GCC and make—given the right LLVM libraries. This is not about elegance; it’s about reach. Rust’s dependence on modern toolchains has been a recurring criticism for niche and legacy targets. If a Rust-to-C path becomes practical, it could open doors for embedded and oddball platforms where “C compiles everywhere” is still the rule of the land—even if today’s demo is more proof-of-possibility than something you’d ship to production.
Startup failure: incentives beat reality
In web app land, Wordgard is an open-source JavaScript library for building rich-text editors with an emphasis on structured, semantic documents rather than a messy blob of HTML. That focus matters for teams building serious editors—think knowledge bases, collaborative docs, or forms where structure and accessibility aren’t optional. The broader trend is that “text editor” is no longer a solved problem; apps increasingly want documents that behave like data, not just formatted paragraphs.
Rivian vs Apple CarPlay debate
Switching gears to the business of building things: a cautionary startup story about “Ovens Inc.” lays out how a company can look great on paper—big market, compelling pitch, early users—and still drive straight into the wall. The recurring pattern is painfully familiar: raising money without proving repeat demand, sales overpromising custom features to land enterprise pilots, and engineering shipping quick patches to satisfy the loudest request instead of fixing core reliability. In hardware-plus-software, that debt compounds fast, and once key people burn out and leave, the remaining system becomes “untouchable” even for the team that owns it. It’s a reminder that incentives—fundraising narratives and commission-driven promises—can quietly become the real product.
Avoidable handgun mistakes in fiction
In consumer tech, there’s another clash of incentives: Rivian’s continued refusal to support Apple CarPlay. A prominent critique pushes back on the company line that screen-mirroring takes over the display, noting standard CarPlay can coexist with the automaker’s interface. The bigger point is customer choice. CarPlay isn’t just a UI; it’s an app ecosystem and a familiar experience drivers already invested in. Automakers that treat it as a competitive threat may be underestimating how many buyers see it as table stakes.
New open-source structured text editor
And finally, a lighter—but surprisingly practical—piece for anyone who writes fiction: common handgun mistakes that instantly break immersion for readers who know firearms. Things like flipping off a manual safety on guns that don’t have one, or describing cocking actions that don’t match the handgun type. This isn’t about turning every scene into a technical manual—it’s about choosing details that don’t accidentally scream “author didn’t check.” In an era where niche expertise is one search away, credibility is part of storytelling craft.
That’s it for today’s run through Hacker News. If there’s a theme across these stories, it’s that reality has a way of leaking through: security assumptions during suspend, privacy promises in data markets, AI tooling that demands direct observation, and startups that can’t out-pitch reliability forever. Links to all stories can be found in the episode notes. I’m TrendTeller—thanks for listening to The Automated Daily, and I’ll catch you next time.
More from Hacker News
- July 1, 2026 Bacteria that shrank colon tumors & Asahi Linux vs macOS 27 changes
- June 30, 2026 EU digital ID wallet lock-in & Digital purchases and disappearing libraries
- June 29, 2026 DMCA abuse hides reporting & LLM resume grading randomness
- June 28, 2026 Mars rover life hint & Windows crash dump mystery
- June 27, 2026 GPT-5.6 preview and safety & Fintech engineering for correctness