25376
Top stories from https://news.ycombinator.com (with 100+ score) Contribute to the development here: https://github.com/phil-r/hackernewsbot Also check https://t.me/designer_news Contacts: @philr
Show HN: Using eBPF to see through encryption without a proxy (Score: 151+ in 4 hours)
Link: https://readhacker.news/s/6u9GG
Comments: https://readhacker.news/c/6u9GG
Hi HN, I'm Tyler Flint, one of the creators of qtap.
For a while now, my team and I at Qpoint.io have been grappling with the challenge of understanding what's actually happening inside the encrypted traffic leaving our production systems. Modern apps rely heavily on third-party APIs (think payment processors, data providers, etc.), but once TLS kicks in, figuring out exactly what data is being sent, identifying PII exposure, or debugging integration issues becomes incredibly difficult without resorting to complex and often brittle solutions.
Traditional approaches like forward proxies require terminating TLS (MITM), managing certificates, and often introduce performance bottlenecks or single points of failure. Network firewalls usually operate at L3/L4 and lack payload visibility. We felt there had to be a better way.
That's why we built qtap. It's a lightweight agent that uses eBPF to tap into network traffic at the kernel level. The key idea is to hook into common TLS libraries (like OpenSSL) before encryption and after decryption. This gives us deep visibility into the actual request/response payloads of HTTPS/TLS traffic without needing to terminate the connection or manage certs. Because it leverages eBPF, the performance impact is minimal compared to traditional methods.
With qtap, we can now see exactly which external services our apps are talking to, inspect the payloads for debugging or security auditing (e.g., spotting accidental PII leaks), monitor API performance/errors for third-party dependencies, and get a much clearer picture of our egress traffic patterns.
We've found this approach really powerful for improving reliability and security posture. We've packaged qtap as a Linux Binary, Docker container, and Helm chart for deployment.
This is still evolving, but we're excited about the potential of using eBPF for this kind of deep, yet non-intrusive, visibility.
We'd love to get the HN community's feedback:
Do you face similar challenges monitoring encrypted egress traffic?
What are your thoughts on using eBPF for this compared to other methods?
Any suggestions or potential use cases we haven't considered?
Reservoir Sampling (🔥 Score: 151+ in 3 hours)
Link: https://readhacker.news/s/6u9Ld
Comments: https://readhacker.news/c/6u9Ld
Chicago native Cardinal Prevost elected pope, takes name Leo XIV (🔥 Score: 168+ in 1 hour)
Link: https://readhacker.news/s/6u9TQ
Comments: https://readhacker.news/c/6u9TQ
Void: Open-source Cursor alternative (🔥 Score: 152+ in 1 hour)
Link: https://readhacker.news/s/6u9Dg
Comments: https://readhacker.news/c/6u9Dg
https://voideditor.com/download-beta
How to harden GitHub Actions (❄️ Score: 150+ in 2 days)
Link: https://readhacker.news/s/6tZ7Q
Comments: https://readhacker.news/c/6tZ7Q
Microservices are a tax your startup probably can't afford (🔥 Score: 157+ in 3 hours)
Link: https://readhacker.news/s/6u8YW
Comments: https://readhacker.news/c/6u8YW
Ask HN: What are good high information density UIs (screenshots, apps, sites) (🔥 Score: 161+ in 3 hours)
Link: https://readhacker.news/c/6u8W6
Just yesterday I tried to find examples of good high information density UIs... and seems to be an impossible task.
Search engines are full to the brim with vague articles repeating each other's talking points, and exception being this blog post by Matthew Ström: https://matthewstrom.com/writing/ui-density/
Image search is no better, with largely irrelevant results.
In the age when everything is spaced out and zoned out gray on gray, what are your go-to examples of UIs that pack a lot of info?
OpenAI for Countries (Score: 150+ in 18 hours)
Link: https://readhacker.news/s/6u7hD
Comments: https://readhacker.news/c/6u7hD
Using NASA’s SMAP satellite to detect L-band interference (🔥 Score: 151+ in 3 hours)
Link: https://readhacker.news/s/6u8vy
Comments: https://readhacker.news/c/6u8vy
Yggdrasil is an experimental compact routing scheme that is fully decentralised (Score: 150+ in 11 hours)
Link: https://readhacker.news/s/6u7CJ
Comments: https://readhacker.news/c/6u7CJ
Mycoria is an open and secure overlay network that connects all participants (Score: 150+ in 4 hours)
Link: https://readhacker.news/s/6u8bW
Comments: https://readhacker.news/c/6u8bW
Mac Themes Garden (Score: 150+ in 10 hours)
Link: https://readhacker.news/s/6u75n
Comments: https://readhacker.news/c/6u75n
Web search on the Anthropic API (Score: 151+ in 5 hours)
Link: https://readhacker.news/s/6u7b6
Comments: https://readhacker.news/c/6u7b6
Open source Google Analytics replacement (Score: 151+ in 6 hours)
Link: https://readhacker.news/s/6u6F6
Comments: https://readhacker.news/c/6u6F6
Show HN: eInk optimized manga with Kindle Comic Converter (+Kobo/ReMarkable) (Score: 151+ in 4 hours)
Link: https://readhacker.news/s/6u69n
Comments: https://readhacker.news/c/6u69n
Kindle Comic Converter optimizes comics and manga for eink readers like Kindle, Kobo, ReMarkable, and more. Pages display in fullscreen without margins, with proper fixed layout support. Its main feature is various optional image processing steps to look good on eink screens, which have different requirements than normal LCD screens. It also does filesize optimization by downscaling to your specific device's screen resolution, which can improve performance on underpowered ereaders. Supported input formats include folders/CBZ/CBR/PDF of JPG/PNG files and more. Supported output formats include MOBI/AZW3, EPUB, KEPUB, and CBZ.
Hey everyone! I'm the current maintainer of KCC since 2023, thanks for using it! I’ve been reading manga on Kindle ever since I got the big 9.7” Kindle DX from 2010 using mangle, and upgraded to the even bigger 10.2” Kindle Scribe 2022 using KCC.
The biggest contributions I've made to KCC are:
- added modern macOS support and removed homebrew requirement
- ported code to run on native Apple silicon M1 chip and later for a 2x speed boost (qt5->qt6)
- free open source windows codesign with SignPath - fixed Kindle Scribe support
- and tons of other various features and bug fixes and developer friendly changes
- created a legacy Windows 7 build with 300+ downloads…
The biggest community PRs were:
- huge 2x speed boosts due to various CPU/IO optimizations
- Kobo/Remarkable support
Enjoy using KCC and let me know if you have any questions!
Ghost students are creating problems for California colleges (Score: 150+ in 1 day)
Link: https://readhacker.news/s/6u6ia
Comments: https://readhacker.news/c/6u6ia
From: Steve Jobs. "Great idea, thank you." (🔥 Score: 171+ in 59 minutes)
Link: https://readhacker.news/s/6uadn
Comments: https://readhacker.news/c/6uadn
How Obama’s BlackBerry got secured (2013) (❄️ Score: 150+ in 3 days)
Link: https://readhacker.news/s/6tWrL
Comments: https://readhacker.news/c/6tWrL
First American pope elected and will be known as Pope Leo XIV (🔥 Score: 169+ in 1 hour)
Link: https://readhacker.news/s/6u9C2
Comments: https://readhacker.news/c/6u9C2
High tariffs become 'real' with our first $36K bill (🔥 Score: 179+ in 42 minutes)
Link: https://readhacker.news/s/6u9Bf
Comments: https://readhacker.news/c/6u9Bf
Google to back three new nuclear projects (🔥 Score: 154+ in 3 hours)
Link: https://readhacker.news/s/6u92y
Comments: https://readhacker.news/c/6u92y
20 years to give away virtually all my wealth (🔥 Score: 173+ in 1 hour)
Link: https://readhacker.news/s/6u95P
Comments: https://readhacker.news/c/6u95P
Inheritance was invented as a performance hack (2021) (❄️ Score: 150+ in 2 days)
Link: https://readhacker.news/s/6tZUK
Comments: https://readhacker.news/c/6tZUK
Samsung is paying $350M for audio brands B&W, Denon, Marantz and Polk (Score: 151+ in 18 hours)
Link: https://readhacker.news/s/6u6BP
Comments: https://readhacker.news/c/6u6BP
How linear regression works intuitively and how it leads to gradient descent (❄️ Score: 151+ in 2 days)
Link: https://readhacker.news/s/6tXrc
Comments: https://readhacker.news/c/6tXrc
June Huh dropped out to become a poet, now he’s won a Fields Medal (2022) (Score: 152+ in 12 hours)
Link: https://readhacker.news/s/6u7mS
Comments: https://readhacker.news/c/6u7mS
NSA spied through Angry Birds, other apps: report (2014) (Score: 152+ in 1 day)
Link: https://readhacker.news/s/6tZRG
Comments: https://readhacker.news/c/6tZRG
Create and edit images with Gemini 2.0 in preview (Score: 152+ in 8 hours)
Link: https://readhacker.news/s/6u6ip
Comments: https://readhacker.news/c/6u6ip
Mistral ships le chat – enterprise AI assistant that can run on prem (Score: 153+ in 6 hours)
Link: https://readhacker.news/s/6u5S4
Comments: https://readhacker.news/c/6u5S4
Ty: A fast Python type checker and language server, written in Rust (🔥 Score: 157+ in 2 hours)
Link: https://readhacker.news/s/6u6CE
Comments: https://readhacker.news/c/6u6CE