Hacker Newsnew | past | comments | ask | show | jobs | submit | throwaway89201's commentslogin

It's very, very hard for untrained people to be strict about verifying any secret phrase. The attacker can make all kinds of excuses, while creating urgency, and many people quickly abandon verifying the phrase. A scene in One Battle After Another comes to mind.

Scammers can also trick the victim into reversing the roles and telling password to scammer. Even banks ocassionaly get this wrong. I have had my bank call me and ask me to read numbers from number card. If a trained bank employee following a script designed by (hopefully) an expert cant get it right, the chance of elderly relative spotting mistakes in protocol is close to 0.

At some point, the scam evolves to a live video of a gagged loved one being tortured. "Stop wasting my time or they lose another finger."

People aren't prepared for this shit.


Oh, man. That does seem likely. What a world. I wonder if eventually there won’t be a human in the loop, just a model trained to make money with a strategy like that, automatedly selecting victims and a person to be impersonated for each. Pre-render a few videos, place multiple calls in parallel. Basically a turnkey Docker container that takes a bitcoin address as a parameter and fills it with stolen money.

Just add video and a better voip endpoint to existing setups and you're already there. A lot of scams can be (and are) run by a small handful of people now. Phishing at scale with stuff like fake tracking links etc. is already fully automated by people in a ton of ways and can definitely handle some back-and-forth over sms/whatsapp/whatever.

Long-term, it would mean that videos like that no longer function as a proof of life nor as a credible threat.

The entire design looks very interesting, but from the outside and without domain expertise I find it very hard to assess if anything about this is actually real or just a large and well-executed product of an AI psychosis.

The signs that this project is real are hard to verify:

- Angel investment by FinFET inventor Chenming Hu [1] seems a big vote of confidence, but there is no independent confirmation of this anywhere, except for two photo's in LinkedIn posts [2], which do look convincing.

- The NanoGalaxy PPMOCVD was presented at IEDM 2025 [3][4], but nobody seems to have written about it except the company itself. In this case, presenting means a poster presentation with a very vibrantly colored marketing picture.

- The NanoGalaxy PPMOCVD is built and in production, because you can "Witness a full 12-inch MoS₂ growth cycle on your own wafer lot" [5], but nobody has reported on this. A photo/video of the actual device would help a lot, but instead a very clean picture of what seems like a 3d-model is shown.

There are a few worrying signs:

- The submitter on HN presents itself as the founder. They have previously submitted other projects under the Phanta or PhantaField names [6]. Notably two hype cycle subjects: DAOs, NFTs and augmented reality, combined in a book that itself is rather 'out there' [7].

- The comments on HN by the founder are clearly AI generated with phrases like "honest caveat". The content seems to make sense (to a non-expert like me), but it's quite jarring.

- All the work except the NanoGalaxy seems to be theoretical for now, but written in very definitive language in extreme detail. For example "The die is built" with specific properties but then referencing three very experimental papers. This can of course be genuine (technical) marketing, but it's also very similar to AI psychosis work that I've encountered elsewhere. Although I must say in comparison this does look a lot more internally consistent and logical to me.

- I find it very hard to believe that the NanoGalaxy is actually existing and working hardware ready to "Witness a full 12-inch MoS₂ growth cycle on your own wafer lot". I would imagine you need a sizable team to produce such a new device, and that seems to be inconsistent with the way the company presents itself (a one man show of the founder). The absence of any verification or showcases of the device, or any evidence of a larger team make it suspect.

[1] https://www.phantafield.com/news/first-angel-investment-chen...

[2] https://www.linkedin.com/feed/update/urn:li:activity:7126002... and https://www.linkedin.com/posts/xuejunxie_its-a-great-honor-t...

[3] https://www.linkedin.com/feed/update/urn:li:share:7404253323...

[4] https://www.phantafield.com/news/12-inch-ppmocvd-iedm-2025

[5] https://www.phantafield.com/product/ppmocvd

[6] https://news.ycombinator.com/submitted?id=minkowsky

[7] https://xcancel.com/thepantheonai


I also have another side project, thepantheon.ai. I think it's ok to have multiple talents. To make the world a much more interesting place.

We talk to fabs. I am not allowed to expose any conversation. We don't need to prove to average Joe what we have.

It's indeed teamwork to bring it into production, even with huge help from AI. It also takes expertise to make sure AI is correct. As a founder, it's more of a merit than a drawback to create with a minimum headcount.


> I think it's ok to have multiple talents.

Of course that's okay, but do recognize that most blockchain projects in general and DAOs and NFTs specifically have been considered frauds or at the very least pipe dreams by many on this site from the beginning. And wider in tech society from the moment the hype was gone.

> We don't need to prove to average Joe what we have.

Of course you don't need to prove anyone anything, but it really can't hurt and there doesn't seem to be much effort in addressing the main issues. Not having anyone write about you also just seems like bad marketing: as you clearly are not in stealth mode, an extremely verbose public website stands oddly against no external coverage.

> It's indeed teamwork to bring it into production

So is or isn't the NanoGalaxy an actually physical, working device ready for a demo? (which isn't necessarily production, but somewhat close)


It's a valid prejudice. But smart contract is a beautiful technology.

I didn’t spend time on PR. Now I changed my mind. It’s a noisy world and good thing needs broadcasting.

Yes. We offer demo if you are a potential customer.


What a great bullshit detector signal it is if someone's involved in the DAOs and NFT stuff. Don't waste your time on a fake AI-generated one-man shell company. The company had like 3 investments since 2017, first $2.5k from school startup grant in 2017, and two more from incubator programs in 2023 and 2024, for "augmented reality". And now you are the most innovative chip designer in AI. Nowhere on Chenming Hu's Linkedin said anything about being an official advisor for this one-man company. I can take a photo with Messi, does that make me a top soccer player?


There is a thread on why HN is so biased against crypto. I don't feel the necessity to argue here. Prejudice is what prejudice is.

https://news.ycombinator.com/item?id=31302494

Also, PitchBook is hallucinating about every company. Don't trust their data.


The second chapter of the included tour [1] is about celery: "In fact, it's the fourth most common item among the Buttolph Collection menus, after coffee, tea, and olives."

[1] https://pudding.cool/2026/06/menu-story/


> Just repeating the same prompt until you get the desired result?

Not necessarily the desired result, but until it's 'done', where the LLM itself is the judge on if the is the case according to the given criteria (often just an updated todo-list). One of those extremely simple 'harnesses' (if you can even call it that) was even named the 'Ralph Wiggum Loop' [1] to allude to the braindead-but-persistent tokenmaxxing it results in.

[1] https://awesomeclaude.ai/ralph-wiggum


What I have been doing seems a bit different to what's described, but I always make sure to define how to know the task is done so the agent doesn't quit early. Usually this means telling it to to run the tests and type checks to ensure it runs without errors.

Otherwise they often do a first pass looks good enough but it doesn't actually work.


The point is that you need several orders of magnitude less capital to run GLM-5.2 compared with the investment needed to train a model like Opus or GLM-5.2 from scratch. To do inference of GLM-5.2 you'd need an investment of roughly less than €300k (8x H200 at GLM5.2 FP8), which is completely feasible for a lot of hosting businesses.

Even if end-users can't run these models themselves at home, there are a lot more and varied options to choose from, especially considering privacy and data protection.

You can apparently also do GLM-5.2 at Q4_K_XL with 2x RTX 3090 and lots of RAM [1], but I don't think that counts as a potential frontier model.

[1] https://news.ycombinator.com/item?id=48639186


dont compare with training compare running glm 5.2 with paying for claude enterprise subscription right?


> The reason we skip 200ms instead of pausing for 200ms when we get missed packets in a WebRTC call is because we can't pause the human on the other side of the call. But we can pause AI just fine.

This isn't about pausing anyone; it's about doing faster-than-realtime processing after a delay event. Humans can do that to some extent, and this is in fact done with some voice applications like Microsoft Teams, where after a network interruption the audio is sometimes played back really fast until the point that it becomes real-time again.

I hope it's an intentional design decision, because it works really well (for me). I can often perfectly keep track of a conversation in spite of the network delay. As much as I hate Teams, its meetings and voice implementation (also noise cancellation) works quite well, especially compared to current open source solutions like Jitsi or BigBlueButton.


Yes, it's about pausing. You pause the AI so it doesn't need to perceive the 200ms gap at all, unlike a human who will always perceive the interruption. Yes, then you run faster than real time to catch up.

Yes, humans can listen to audio faster than real time to catch up, but it degrades the experience and there is a fairly low limit to it. When talking to an AI you don't have to skip or speed up at all on the human side, is the point.


Cyber Resilience Act [1], which is well-intentioned, and doesn't outright forbid user access to firmware, but most vendors will take the easy road and outright block user-modifiable software (if they didn't already), so that their completely closed source, obfuscated and vulnerable version is the only version allowed on their devices.

[1] https://en.wikipedia.org/wiki/Cyber_Resilience_Act


Ah, EU-only. That explains why I've never heard of it, among other things.


Well... if you look behind anything that plugs into a wall socket you will see that it has ( among many other things) a CE mark. Even things in the USofA have a CE mark.

If your new product cannot have its CE mark for whatever reason, you will not have the approbations to sell in the USA either.

What the CRA will do, is if you do not have a "CRA" compliant product, you will not have the CE mark. Which means you will not (with very high probability) have the other marks needed to sell outside Europe.

Maybe then you can just sell to your close family members who like you, but good luck if you get caught and it can be proven that your shitty device caused a fire ...


We don't place any value on the CE mark in the States.

A lot of consumer electronics need to be FCC compliant, which involves a process of proving that the device doesn't emit too much of the wrong EMI/RFI in the wrong places.

And safety-wise, we use tend to use ETL, UL, and CSA for testing. These are third-party Nationally Recognized Testing Labs, and their own marks are used on devices they approve. But they're only really concerned about the safety of a product. In very broad strokes: If the device is proven to be unlikely-enough to burn a house down or cause electrical shock to humans, then it gets approved.

CE is a whole different thing. No government body in the USA requires or respects a CE mark on consumer goods; that mark doesn't hold any legal weight here.

Whether good or bad, CE is just not how we roll on this side of the pond.

(Of course, none of that means that laws in the EU don't affect product availability and features here. Globalization be that way sometimes.)


Oh. Sorry. I work for a rather large company that sells globally. In our business unit we always considered the CE mark mandatory.

I understand your point though. Of course a US company that is only ever going to sell in the US does not need to bother with international marks.


I'd like to reiterate that a CE mark means nothing to us here.

If my house burns down and a widget with only a CE mark is blamed as the source, my insurance company will consider that to be the equivalent of it having no marking at all.

If a company wants to sell a product globally including the USA, then CE isn't enough to satisfy the safety boffins.

The world is a big place, and the US isn't alone in this way: Lots of other countries also don't care about an isolated CE mark, like Canada and Mexico here in North America.

Some other large, important markets like Japan and Brazil are this way, too.

Acceptance of CE is not universal.


Well... I live in Canada and I have never seen any "modern" electronics around me that does not have the CE mark.

Even things ordered directly from China have a CE mark!

I guess you have never really visited Canada and looked at the marks on the things you use.

And it kind of removes value from your opinion about the other countries of the world. Sorry.


That's not what I'm saying. I'm not saying that a device sold anywhere in the world can't have a CE mark -- that's not it, at all. I'm also not saying that a person or company can't seek to get a CE mark for their product from wherever they are in the world (they certainly can do that).

There's a lot that I'm not saying.

What I am saying is that there are places in the world where the CE mark (and the presence or absence of it) means nothing, and that Canada is one such place.

Y'all have your own safety marks up there.

CSA is a big one -- you've had that organization up there and doing great work for over a century. cUL is another very common, accepted mark in Canada.

There are many more. Here's the list: https://scc-ccn.ca/resources/publications/recognized-canadia...

But, again: The Standards Council of Canada doesn't recognize the CE mark for devices used in Canada. That's not a thing that they do.


That's not what they're saying. They're saying that in the US, a device can have the CE mark, but that's not indicative of it passing US safety standards.

Also, I'd be surprised if all those Chinese devices have actually earned that CE mark.


>If your new product cannot have its CE mark for whatever reason, you will not have the approbations to sell in the USA either.

I worked for a US manufacturer that only sold directly in the US, and we never bothered getting CE certification on anything, just FCC. Lots of Europeans imported our products, but we left EU compliance up to them.

The size of the EU market didn't justify the costs of regulatory compliance.


> Lots of Europeans imported our products, but we left EU compliance up to them.

Yeah, compliance is almost voluntary unless you're absolutely huge.


> You would have to be a Hotz tier hacker if you wanted to do anything close to this only last year

This isn't true at all. Yes, LLMs have made it dramatically easier to analyse, debug and circumvent. Both for people who didn't have the skill to do this, and for people who know how to but just cannot be bothered because it's often a grind. This specific device turned out to be barely protected against anything. No encrypted firmware, no signature checking, and built-in SSH access. This would be extremely doable for any medium skilled person without an LLM with good motivation and effort.

You're referring to George Hotz, which is known for releasing the first PS3 hypervisor exploit. The PS3 was / is fully secured against attackers, of which the mere existence of a hypervisor layer is proof of. Producing an exploit required voltage glitching on physical hardware using an FPGA [1]. Perhaps an LLM can assist with mounting such an attack, but as there's no complete feedback loop, it still would require a lot of human effort.

[1] https://rdist.root.org/2010/01/27/how-the-ps3-hypervisor-was...


The hacking aspect has been hit and miss for me. Just today I was trying to verify a fix for a CVE and even giving the agent the CVE description + details on how to exploit it and the code that fixed it, it couldn't write the exploit code correctly.

Not to say it's not super useful, as we can see in the article


CVEs and all, but I just can't wait for firmwares for cheaper modern cameras from Sony, Nikon and Panasonic getting hacked and modified too add features from more expensive models.

They're all firmware restricted to justify buying more expensive models, in one way or another way.

DNG support would be pretty awesome too.


>... but as there's no complete feedback loop, it still would require a lot of human effort.

Not for long. Picture this: a robot receives instructions on what to physically solder in order to complete the desired modification task.

However, before it can send an image back to the vision-aware LLM guiding it, the PCB lights on fire along with the robot because said LLM confidently gave the wrong instructions.

Then, the robotic fire brigade shows up and mostly walks into walls unable to navigate anywhere useful.

The future is bright.


I'm already having lots of success letting the agent loose on the arduino or rpi and figuring out all the annoying i2c bits and having me try different pinout and wiring combos until it works. Even with a human in the loop agents are useful right now for electronics. On one occasion I did give it a camera feed so it could check for itself if the LEDs were doing as expected.


Minor correction. At 27c3's "Console Hacking 2010" talk. Geohot's Hypervisor work is mentioned at 4:25 or so. Described as "really unreliable" and "eh whatever" due to requiring hardware modification and only granting rudimentary hypervisor access.

These were the same people that then went on to explain how they reverse-engineered the encryption keys of the PS3 to enable "fakesigned" code to be installed


didn't PS3 have a hardcoded nonce for their ECDSA impl that allowed full key recovery? I would agree that I doubt LLMs let people mount side-channel attacks easily on consumer electronics though.


Yes indeed, that chain of exploits was all software and not hardware. Developed after the Hotz exploit and Sony subsequently shuttering OtherOS.

It didn't directly give access to anything however. IIRC they heavily relied on other complex exploits they developed themselves, as well as relying on earlier exploits they could access by rolling back the firmware by indeed abusing the ECDSA implementation. At least, that turned out to be the path of least resistance. Without earlier exploits, there would be less known about the system to work with.

Their presentation [1] [2] is still a very interesting watch.

[1] https://www.youtube.com/watch?v=5E0DkoQjCmI

[2] https://fahrplan.events.ccc.de/congress/2010/Fahrplan/attach...


^-- ignore much of the IIRC above; I completely misremembered, I now notice after rewatching the talk.


> fully secured against attackers, of which the mere existence of a hypervisor layer is proof of

https://en.wikipedia.org/wiki/Virtual_machine_escape


The last one was 8 years ago. It's not a terribly common vuln anymore - not that it ever was.


> The last one was 8 years ago

Not true. There's way more than that list. I could immediately think of 2 more from last year: CVE-2025-22224 and CVE-2025-22225


> Perhaps an LLM can assist with mounting such an attack, but as there's no complete feedback loop, it still would require a lot of human effort.

LLMs have had no problem modifying software on an attached android phone. It's only a matter of time.


Creating the PR, doing the explanation you just did, and closing it yourself might be a good option. Then at least your code lives somewhere that someone else can reuse if desired. Ideally combined with a linked issue that you do keep open.


The report you're referring to by the European Commission [1] shows that the mass surveillance of Chat Control 1.0 is probably not very proportional. They even note themselves that "The available data are insufficient to provide a definitive answer to this question".

However, the "13-20%" that you're quoting is a dishonest propaganda number itself. It's the false positive rate that a single small company (Yubo) reported. The reported false positive rates of other companies are between 0.32% and 1.5%, which is still a high error rate in absolute numbers.

Just to be clear: the report itself is full of uncertainty, convenient half truths and false causality. They for example completely rely on Big Tech platforms themselves to count false positives when a moderation decision was reversed. Microsoft apparently even claims that no user ever appealed against a decision ("No appeals reported"). There is no independent investigation into the effectiveness of the regulation at all, while it is in direct conflict with fundamental rights and required to be proportional to its goals.

The section about "children identified" is also a complete mess where most countries can't even report the most basic data, and it isn't clear if mass surveillance contributed anything to new cases at all. But somehow they still conclude "voluntary reporting in line with this Regulation appears to make a significant contribution to the protection of a large number of children", which seems extremely baseless.

[1] https://www.europarl.europa.eu/RegData/docs_autres_instituti...


Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: