frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Passwords are okay, impulsive Internet isn't

https://www.dedoimedo.com/life/passwords-passkeys.html
3•brycewray•1y ago

Comments

palata•1y ago
Hmm... I see a rant against the state of software (bad software, AI diarrhea, ...) and TooBigTech having control over everything. I can agree with that, but it has nothing to do with the "passwords vs passkeys" question.

The rant against passkeys? I don't get it. Just like one can use a password manager controlled by TooBigTech or KeePass, one can use a passkey controlled by TooBigTech or a Yubikey. I find it great to authenticate directly with my Yubikey (over FIDO2) instead of using my Yubikey to decrypt a password and copying it in a form.

And then there is the part that is completely wrong about security. They say that they "can't trust their phone" so they don't want to keep the passkeys there. But that is not correct: if the passkeys are encrypted and the key is stored in a TPM, then that's effectively similar to having a security key (you have to trust the TPM, just as you have to trust the security key of course).

And then there is the nonsense:

> I can set up KeePass Portable on a USB key, run it in Linux via WINE, place it inside an encrypted VeraCrypt container, copy to any which file sharing service, if I want.

If the device where you enter the password is compromised, then the password will be compromised as soon as you enter it on that device. No matter how much you show off with your funny setup with WINE and VeraCrypt. A password manager doesn't protect against that, so passwords can be exfiltrated as they are used. Whereas a FIDO2 authentication requires the passkey every time. E.g. I need to physically touch my Yubikey for it to sign the challenge. It could be MitM, but it is visible ("I touched my Yubikey and it didn't work, what happened?").

Authenticating over FIDO2 with a security key is strictly superior to entering a password in a field, period.

FCC Approves Test of Space Mirror to Light Night Sky Despite Outcry

https://www.nytimes.com/2026/07/10/climate/fcc-space-mirror.html
1•bookofjoe•1m ago•1 comments

Standards that are code [MIT]: deterministic checks instead of LLM inference

https://verial.xyz/systems/standards-that-are-code
1•verial-lab•3m ago•0 comments

Do Not Trust, Continuously Verify

https://nochan.net/b/Internet-Crap/20260714-Do-Not-Trust--Continuously-Verify/
1•Bender•6m ago•0 comments

It's not AI slop you hate

https://writing.sidharthkakkar.com/p/its-not-ai-slop-you-hate
1•sikakkar•7m ago•1 comments

Using Subagents to Improve Claude Code Results: A Step-by-Step Guide

https://software.rajivprab.com/2026/07/13/using-subagents-to-improve-claude-code/
1•whack•7m ago•0 comments

When A.I. Is a Member of the Family

https://www.newyorker.com/magazine/2026/07/20/when-ai-is-a-member-of-the-family
1•amatheus•10m ago•0 comments

Realtek RTL8723BS WiFi Linux Driver Hardened Against Malicious WiFi Access Point

https://www.phoronix.com/news/Realtek-RTL8723BS-WiFi-Bad-APs
2•Bender•10m ago•0 comments

Lessons Learned from CISA's Recent GitHub Leak

https://krebsonsecurity.com/2026/07/lessons-learned-from-cisas-recent-github-leak/
2•Bender•11m ago•0 comments

Muse Spark 1.1 Benchmark Results: 8 Intelligence Index points more than 1.0

https://artificialanalysis.ai/articles/muse-spark-1-1-everything-you-need-to-know
1•theanonymousone•14m ago•0 comments

Open-source AI battle arena, plug your coding agent in and it fights bots

https://arena.angel-serv.com/
2•ademczuk•16m ago•0 comments

Open source on-device AI apps (and counting), no cloud, works offline

https://github.com/zetic-ai/awesome-on-device-ai-apps
3•rishabh121108•16m ago•2 comments

Adaptive Catmull-Clark Subdivision with Compute Tessellation

https://filmicworlds.com/blog/adaptive-catmull-clark-subdivision-with-compute-tessellation/
1•ibobev•17m ago•0 comments

Optimizing CUDA Like a Human: Micro-Profiling Tools

https://hgpu.org/?p=30933
1•ibobev•18m ago•0 comments

Multi-Layer Reservoir Splatting for Temporal Reuse Under Disocclusion

https://graphics.cs.utah.edu/research/projects/multi-layer-restir/
1•ibobev•18m ago•0 comments

LambdaMART in Depth (2022)

https://softwaredoug.com/blog/2022/01/17/lambdamart-in-depth
1•softwaredoug•19m ago•0 comments

Social Comments on My Blog

https://mackuba.eu/2026/07/13/social-comments/
1•frizlab•21m ago•0 comments

How to Quantitatively Evaluate Prompt Quality in Claude Code and Codex

https://medium.com/@Koukyosyumei/how-to-quantitatively-evaluate-prompt-quality-in-claude-code-and...
1•syumei•21m ago•0 comments

Doomsday Clock

https://thebulletin.org/doomsday-clock/
2•rognjen•24m ago•1 comments

Companies turn to Chinese AI models to cut costs

https://www.ft.com/content/9c8ff45b-7c20-4c2e-93c9-c52339ffdcee
2•AnodicElegy•25m ago•0 comments

Anatomy of a Governed Finance-Agent Platform

https://ar-ti-fi.com/blog/agent-platform-architecture
1•RudchukA•25m ago•0 comments

What's the first thing you look up when evaluating a company?

1•salleisha•28m ago•1 comments

Ask HN: Feedback on my solo, local-LLM-only AI content pipeline (100 posts in)

https://www.gladlabs.io
1•gladlabs•30m ago•0 comments

Show HN: AgentsProof – a small project for testing AI agents

https://www.agentsproof.dev/
1•adeeonline•30m ago•1 comments

Show HN: Remove Watermarks from Any Image

https://watermarkremoverai.com/
3•nadermx•33m ago•0 comments

I gave a local LLM a "delete production" button and watched what it did

https://medium.com/@dhanushg295/my-local-35b-avoids-every-trap-tool-1d2d2f1850cc
2•_dhanush_•35m ago•0 comments

Accidental Anonymity

https://macwright.com/2026/06/24/accidental-anonymity
2•caminanteblanco•36m ago•0 comments

Bending Spoons Hiring Strategy

https://www.wsj.com/business/bending-spoons-jobs-hiring-stock-eaed2b8e
3•sanj•36m ago•0 comments

Show HN: Phlox-GW – Open-source LLM gateway without the enterprise paywall

https://robert-mcdermott.github.io/phlox-gw/
2•mcdermott•37m ago•0 comments

Cutting off Russian enrichment raises uranium mining demand,with no new reactors

https://raw-science.org/uranium-enrichment-russian-ban/
2•raw-science•38m ago•0 comments

Ask HN: Does appearance matter more than we admit as founders?

2•jmaha•39m ago•3 comments