Briefing · Sunday, June 21, 2026

Good morning. It's Sunday, June 21, and we're covering an iOS app that reads raw device-fingerprinting values from public APIs, the end of strncpy in the Linux kernel after a six-year cleanup, and Cloudflare's new primitive that lets AI agents deploy Workers without first creating an account.
The Loupe thread hit 323 points as developers installed the app and watched their iPhone expose readings they did not realize were available to any app with no prompt. The strncpy retirement sparked 205 comments, mostly relief that a "persistent source of bugs" is finally gone.
In today's brief:
wrangler deploy --temporary - agents get a live Worker in seconds, claim it within 60 minutes or it expires
SECURITY
The Mysk team released Loupe, an iOS and iPadOS app that reads real values from public iOS APIs - the same ones any third-party app can call - and shows them to you raw. It is available on the App Store and the source code is MIT-licensed. The repo has 899 stars and 36 forks.
Loupe groups every reading into three tiers, reflecting the cost of access. Passive signals are visible to any app with no prompt at all: locale, time zone, screen dimensions, battery level, and more. Needs Permission readings trigger an iOS prompt: contacts, photos, location, calendars. Advanced signals are clever side-channel uses of public APIs, such as URL-scheme probing via canOpenURL and Keychain persistence across reinstalls - a tracker can identify you even after you delete and reinstall an app, because the Keychain survives.
The key insight from the README: "Trackers don't need your name, email, or location to recognize you online. Each reading isn't necessarily unique on its own, but together they form a fingerprint that follows you across apps and websites." Nothing Loupe reads leaves the device unless you explicitly export it.
The HN thread (323 points, 122 comments) surfaced the gap between Apple's App Privacy Labels and what Loupe reveals. Privacy labels are self-attested by developers. Loupe is observed. The difference between "this app says it collects X" and "this app is reading Y right now" is the difference between a disclosure and an audit. One detail from the repo: Loupe was written almost entirely by AI coding tools.
Why it matters: Apple's privacy labels describe what data apps collect. Loupe shows what apps can access - a broader and more accurate surface. The three-tier access model makes the implicit cost structure of iOS API access explicit. When Keychain persistence across reinstalls is a public API, "delete and reinstall" is no longer a privacy reset.
KERNEL
Linux 7.2 has finally eliminated strncpy from the kernel. The function has been a "persistent source of bugs" for years due to counter-intuitive semantics around NUL termination and performance issues from redundant zero-filling of the destination buffer. It took six years and approximately 362 commits to remove every user of the strncpy interface.
The merge eliminated the strncpy API and the last per-CPU architecture strncpy implementations. The replacement APIs make the behavior explicit: strscpy() for NUL-terminated destinations, strscpy_pad() for NUL-terminated destinations with zero-padding, strtomem_pad() for non-NUL-terminated fixed-width fields, memcpy_and_pad() for bounded copies with explicit padding, and memcpy() for known-length memory copies.
strncpy's problem was never that it crashed. The problem was that it silently truncated strings without guaranteeing NUL termination, producing strings that looked valid until they were used. The HN thread (220 points, 205 comments) became a retrospective on how kernel API deprecation actually works: not by removing the function first, but by making every caller explicit about what it wants, then removing the function once no caller depends on the ambiguous default. Six years is fast for a kernel API change.
Why it matters: Security work in the kernel is mostly patience. The strncpy migration is a textbook case: identify the footgun, build the replacements, convert every caller, then close the door. The 362 patches are unglamorous and the impact is measured in vulnerabilities that never happen.
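The truncation behavior described above, as an added example that is not code from the kernel or from the linked coverage: a userspace program that copies three constructed strings into an 8-byte field with strncpy and with a small helper modeled on the strscpy() contract. The helper name demo_strscpy and the sample inputs are assumptions made for this illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define FIELD 8 /* constructed fixed-width destination, e.g. a short name field */

/* Userspace sketch of the strscpy() contract (hypothetical helper, not kernel
 * code): always NUL-terminate, return the number of characters copied, or
 * -E2BIG when the source had to be truncated. */
long demo_strscpy(char *dst, const char *src, size_t size)
{
    size_t i;

    if (size == 0)
        return -E2BIG;
    for (i = 0; i < size - 1 && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] == '\0' ? (long)i : -E2BIG;
}

/* Returns 1 if strncpy() left a NUL inside the FIELD-byte destination. */
int strncpy_terminates(const char *src)
{
    char dst[FIELD];

    memset(dst, 'X', sizeof(dst)); /* stand-in for stale stack contents */
    strncpy(dst, src, sizeof(dst));
    return memchr(dst, '\0', sizeof(dst)) != NULL;
}

int main(void)
{
    /* Constructed inputs: shorter than, exactly as long as, longer than FIELD. */
    const char *inputs[] = { "eth0", "loopback", "eth0-management" };
    char dst[FIELD];

    for (size_t i = 0; i < 3; i++) {
        long r = demo_strscpy(dst, inputs[i], sizeof(dst));
        printf("%-16s strncpy NUL-terminated=%d  demo_strscpy=%ld dst=\"%s\"\n",
               inputs[i], strncpy_terminates(inputs[i]), r, dst);
    }
    return 0;
}
```

The exact-fit input is the case that slips through review: strncpy fills all eight bytes and reports nothing, while the strscpy-style helper truncates to seven characters and returns an error the caller can act on.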
AI INFRASTRUCTURE
Cloudflare introduced Temporary Accounts for agents that need to deploy code without first creating an account. An agent runs wrangler deploy --temporary and gets a live Worker in seconds. The deployment stays active for 60 minutes, during which a human can claim the temporary account via a URL and make it permanent. If nobody claims it, it expires on its own.
The mechanism solves a specific problem: background agents slam into a wall built for humans when they need to deploy. Browser-based OAuth flows, dashboards to click through, API tokens to copy-paste, and MFA prompts all assume a human is present. For an interactive copilot that is annoying. For a background agent, it is a hard stop. Wrangler was updated to prompt the agent with a message that tells it about the --temporary flag, so agents discover it without a human explicitly instructing them to use it.
The agent can iterate on the Worker script and redeploy as many times as it wants within the 60-minute window. The claim URL transfers the temporary account - including Workers, databases, and other bindings - to a permanent Cloudflare account. Cloudflare also announced a partnership with Stripe on a co-designed protocol that lets agents provision Cloudflare on behalf of users, and collaborated with WorkOS on auth.md, which lets agents provision new accounts using existing OAuth standards.
The HN thread (217 points, 115 comments) debated whether the pattern generalizes beyond Cloudflare's edge. The consensus was that the principle does, even if the implementation is Cloudflare-specific. The current state of agent authentication is mostly shared API keys in environment variables. Every agent that touches infrastructure carries a credential that, if leaked, grants everything the user can do.
Why it matters: Agent security is authentication-shaped. The tools exist; the identity model does not. Cloudflare is early with a concrete implementation of what the rest of the industry is still writing blog posts about. The 60-minute expiry window is the right default: agents get to ship, humans get to claim, and orphaned deployments clean themselves up.
SYSTEMS
A hands-on comparison from the author of TinyGate, a reverse proxy built with students, walks through the architectural difference between Linux's two async I/O paths. The post includes working C code for both approaches.
epoll uses a readiness model: it tells you when I/O is possible, but you still have to call read() or write() yourself afterward. That is two syscalls per I/O event, on top of the one-time epoll_ctl registration. Each syscall causes a context switch between user and kernel mode, which creates significant overhead at high connection counts. io_uring uses a completion model: you submit operations into a shared memory ring buffer, and the kernel posts completions back into that same buffer. Instead of a syscall pair per I/O operation, you get a syscall per batch - or, with IORING_SETUP_SQPOLL, close to zero syscalls during steady state.
The comparison is not one-sided. SQPOLL spins up a dedicated kernel thread that polls the submission queue continuously, which burns CPU even when the queue is empty. There is an idle timeout after which it backs off to sleeping, but it is not free. The author also notes that asynchronous error handling is harder: errors come back as part of the completion event's res field, not as a direct return value like a synchronous syscall.
The HN thread (180 points, 45 comments) added a practical note about deployment: io_uring's security surface has led several distributions (Debian, Flatcar) to disable it by default. If you ship a binary that depends on io_uring, you may find your target platform does not expose it. The author's conclusion: "I don't see much reason to still reach for epoll on a system that has io_uring."
Why it matters: io_uring is the new standard for async I/O on modern Linux, but "the new standard" and "what you should use today" are different questions. The completion model is architecturally superior for high-concurrency workloads, but the SQPOLL CPU cost and the distribution-level security disablement are real constraints. This comparison gives the numbers and tradeoffs to make the call for your workload.
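The deployment caveat above, as an added example that is not code from the TinyGate post: a startup probe that attempts io_uring_setup once and classifies the result, so a binary can fall back to epoll instead of failing on hosts that do not expose io_uring. The function and enum names are hypothetical, and the mention of the kernel.io_uring_disabled sysctl comes from general kernel knowledge rather than from the page.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/io_uring.h>

enum uring_status { URING_OK, URING_NO_SUPPORT, URING_BLOCKED, URING_OTHER };

/* Map the result of io_uring_setup(2) to a deployment decision. */
enum uring_status classify_setup(long ret, int err)
{
    if (ret >= 0)
        return URING_OK;
    if (err == ENOSYS)
        return URING_NO_SUPPORT; /* syscall not implemented on this kernel */
    if (err == EPERM || err == EACCES)
        return URING_BLOCKED;    /* refused by policy, for example the
                                    kernel.io_uring_disabled sysctl or a sandbox filter */
    return URING_OTHER;          /* e.g. ENOMEM: a resource limit, not policy */
}

/* Create a minimal 4-entry ring with no flags, then close it again. */
enum uring_status probe_io_uring(void)
{
    struct io_uring_params p;
    long fd;
    int err;

    memset(&p, 0, sizeof(p));
    fd = syscall(__NR_io_uring_setup, 4, &p);
    err = errno;
    if (fd >= 0)
        close((int)fd);
    return classify_setup(fd, err);
}

int main(void)
{
    static const char *msg[] = {
        "io_uring available: use the completion path",
        "io_uring not supported by this kernel: fall back to epoll",
        "io_uring blocked by host policy: fall back to epoll",
        "io_uring setup failed for another reason: fall back to epoll",
    };

    puts(msg[probe_io_uring()]);
    return 0;
}
```

Logging which of the three failure classes was hit at startup tells an operator whether the fallback is due to an old kernel or to a deliberate hardening setting.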