frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

UK-US trade deal will lead to more than 200k avoidable deaths

https://www.theguardian.com/society/2026/jul/01/us-uk-drug-deal-could-result-in-229000-excess-dea...
1•secretslol•20s ago•0 comments

Stashing data in WOFF2 color glyphs to get free Brotli decompression via Canvas

https://github.com/EtherDream/brpack/
1•etherdream•57s ago•0 comments

MacBasic (1985)

https://www.folklore.org/MacBasic.html
1•andsoitis•7m ago•0 comments

Ask HN: noticed how HN performs sentiment-analysis on everything posted here?

1•bridgettegraham•10m ago•2 comments

Nvidia Through a Crypto Miner's Eyes

https://vincentping.com/en/nvidia-through-miner-eyes
1•vincentping•12m ago•1 comments

Check Out My Website

https://topic-chat-hub--seattlem112.replit.app/
1•computerwonder•12m ago•0 comments

Kids learn to bully from adults' threats, manipulation and criticism

https://theconversation.com/kids-learn-to-bully-from-adults-threats-manipulation-and-criticism-a-...
3•1659447091•17m ago•1 comments

Show HN: Rust Backed Fast Dataloader

https://github.com/midhunharikumar/ferroload
1•midhunharikumar•19m ago•1 comments

Meta to sell excess compute, like SpaceX

https://techcrunch.com/2026/07/01/meta-like-spacex-looks-to-turn-excess-ai-compute-into-cash/
2•noashavit•20m ago•1 comments

Databricks LTAP Explained

https://sys0.substack.com/p/databricks-ltap-explained-turning
1•shenli3514•20m ago•0 comments

Konsistent: Enforce consistent code for agents and humans

https://vercel.com/changelog/enforce-consistent-code-for-agents-and-humans-with-konsistent
2•handfuloflight•21m ago•0 comments

Show HN: Meow – The 4th and final JavaScript runtime and toolchain

https://meow.style
4•ccheshirecat•24m ago•1 comments

SpaceX Hangover Spreads

https://www.ft.com/content/6a13a108-ef3e-41b5-aaba-7f61eff61ae0
2•1vuio0pswjnm7•27m ago•0 comments

Stevie: Vim Predecessor ("ST editor for vi enthusiasts")

https://en.wikipedia.org/wiki/Stevie_(text_editor)
1•erelong•28m ago•0 comments

Why is Apple asking me to pay more for Big Tech's AI obsession?

https://www.theverge.com/report/958678/apple-consumer-price-increase-ai-big-tech
2•1vuio0pswjnm7•30m ago•2 comments

Early look at Anthropic's Claude Science app for researchers

https://www.testingcatalog.com/early-look-at-anthropics-claude-science-app-for-researchers/
1•willmarch•30m ago•0 comments

Fable Is Back: This Safeguard Has Some AI in It

https://www.thealgorithmicbridge.com/p/fable-is-back-this-safeguard-has
1•swolpers•32m ago•0 comments

Making LLMs Better at Creative Writing Using Entropy

https://www.countbayesie.com/blog/2026/7/1/making-llms-better-at-creative-writing-using-entropy
2•roadside_picnic•32m ago•1 comments

Programming Quotes

https://gist.github.com/Potherca/5ffd57393a85553ab55b
1•sillysaurusx•34m ago•1 comments

A new Android malware from Google

https://f-droid.org/2026/07/01/adv-malware.html
9•drewfax•35m ago•0 comments

The Shilajit Dilemma

https://www.bloomberg.com/features/2026-shilajit-testosterone-liver-risks-maha/
2•littlexsparkee•35m ago•1 comments

Show HN: Techno Kick

https://technokick.com/
1•stagas•36m ago•0 comments

How to Tell a Real Win from Noise in a Tiny Eval

https://medium.com/@alanscottencinas/how-to-tell-a-real-win-from-noise-in-a-tiny-eval-902c89e6aa51
1•encinas88•39m ago•0 comments

Senior SWE-Bench: open-source benchmark that assesses agents as senior engineers

https://senior-swe-bench.snorkel.ai/
8•matt_d•40m ago•4 comments

Paper mill cancer studies get double the number of citations as genuine papers

https://www.nature.com/articles/d41586-026-01908-8
2•gnabgib•44m ago•0 comments

A Significant Increase in Digital Labor Automation

https://safe.ai/blog/significant-increase-in-digital-labor-automation
1•willmarch•45m ago•1 comments

Apple Seeks to Buy Chinese-Made Memory Chips by Lobbying US

https://www.bloomberg.com/news/articles/2025-06-13/chess-com-is-increasingly-popular-with-profess...
2•htrp•45m ago•0 comments

Why I Don't Believe in Machine Consciousness – Jaron Lanier

https://www.jaronlanier.com/1000words.html
4•andsoitis•51m ago•1 comments

Google ordered to pay Klarna $2B antitrust damages

https://www.ft.com/content/1f30ea07-63f7-4c74-b5d2-acf313177778
2•petethomas•52m ago•1 comments

Fedora Council Seeks to Shutdown Current Discussions over AI Developer Desktop

https://www.phoronix.com/news/Fedora-Council-AI-Desktop
2•Bender•53m ago•0 comments
Open in hackernews

Passwords are okay, impulsive Internet isn't

https://www.dedoimedo.com/life/passwords-passkeys.html
3•brycewray•1y ago

Comments

palata•1y ago
Hmm... I see a rant against the state of software (bad software, AI diarrhea, ...) and TooBigTech having control over everything. I can agree with that, but it has nothing to do with the "passwords vs passkeys" question.

The rant against passkeys? I don't get it. Just like one can use a password manager controlled by TooBigTech or KeePass, one can use a passkey controlled by TooBigTech or a Yubikey. I find it great to authenticate directly with my Yubikey (over FIDO2) instead of using my Yubikey to decrypt a password and copying it in a form.

And then there is the part that is completely wrong about security. They say that they "can't trust their phone" so they don't want to keep the passkeys there. But that is not correct: if the passkeys are encrypted and the key is stored in a TPM, then that's effectively similar to having a security key (you have to trust the TPM, just as you have to trust the security key of course).

And then there is the nonsense:

> I can set up KeePass Portable on a USB key, run it in Linux via WINE, place it inside an encrypted VeraCrypt container, copy to any which file sharing service, if I want.

If the device where you enter the password is compromised, then the password will be compromised as soon as you enter it on that device. No matter how much you show off with your funny setup with WINE and VeraCrypt. A password manager doesn't protect against that, so passwords can be exfiltrated as they are used. Whereas a FIDO2 authentication requires the passkey every time. E.g. I need to physically touch my Yubikey for it to sign the challenge. It could be MitM, but it is visible ("I touched my Yubikey and it didn't work, what happened?").

Authenticating over FIDO2 with a security key is strictly superior to entering a password in a field, period.