frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

Open in hackernews

Passwords are okay, impulsive Internet isn't

https://www.dedoimedo.com/life/passwords-passkeys.html
3•brycewray•1y ago

Comments

palata•1y ago
Hmm... I see a rant against the state of software (bad software, AI diarrhea, ...) and TooBigTech having control over everything. I can agree with that, but it has nothing to do with the "passwords vs passkeys" question.

The rant against passkeys? I don't get it. Just like one can use a password manager controlled by TooBigTech or KeePass, one can use a passkey controlled by TooBigTech or a Yubikey. I find it great to authenticate directly with my Yubikey (over FIDO2) instead of using my Yubikey to decrypt a password and copying it in a form.

And then there is the part that is completely wrong about security. They say that they "can't trust their phone" so they don't want to keep the passkeys there. But that is not correct: if the passkeys are encrypted and the key is stored in a TPM, then that's effectively similar to having a security key (you have to trust the TPM, just as you have to trust the security key of course).

And then there is the nonsense:

> I can set up KeePass Portable on a USB key, run it in Linux via WINE, place it inside an encrypted VeraCrypt container, copy to any which file sharing service, if I want.

If the device where you enter the password is compromised, then the password will be compromised as soon as you enter it on that device. No matter how much you show off with your funny setup with WINE and VeraCrypt. A password manager doesn't protect against that, so passwords can be exfiltrated as they are used. Whereas a FIDO2 authentication requires the passkey every time. E.g. I need to physically touch my Yubikey for it to sign the challenge. It could be MitM, but it is visible ("I touched my Yubikey and it didn't work, what happened?").

Authenticating over FIDO2 with a security key is strictly superior to entering a password in a field, period.

Jails vs. LXC: What's the Right Choice for Infrastructure?

https://klarasystems.com/articles/jails-vs-lxc-whats-the-right-choice-for-infrastructure/
1•NexRebular•1m ago•0 comments

Atlas Neurochemical Characterization Human Brainstem with 3D Reconstruction

https://anchor.humanbrain.in/
1•Alien1Being•2m ago•0 comments

Toward a future that preserves benefits of neurotechnology for all

https://news.mit.edu/2026/toward-future-preserves-benefits-neurotechnology-for-all-0706
1•rbanffy•2m ago•0 comments

Test PostgreSQL migrations before COMMIT

https://vvka-141.github.io/pgmi/articles/test-postgresql-migrations-before-commit/
1•aevlampiev•2m ago•0 comments

Microsoft commits $2.5B, 6k employees AI implementation unit

https://www.cnbc.com/2026/07/02/microsoft-commits-2point5-billion-6000-employees-ai-implementatio...
1•rbanffy•2m ago•0 comments

Stoicism as a Mass Phenomenon

https://www.alejandradeargos.com/en/stoicism-as-a-mass-phenomenon/
1•bryanrasmussen•7m ago•0 comments

ModelDNA: Verifying the lineage of open-weight LLMs from weight fingerprints

https://arxiv.org/abs/2607.10617
2•saadaamir14•8m ago•0 comments

Fastmail announces launch of EU-hosted email infrastructure

https://www.businesswire.com/news/home/20260713988425/en/Fastmail-Launches-EU-Hosted-Email-Infras...
2•dson•8m ago•1 comments

Watching Nature Videos Can Help Relieve Stress, Study Finds

https://cnr.ncsu.edu/news/2026/07/nature-videos-relieve-stress/
2•XzetaU8•10m ago•0 comments

Show HN: We Built a Chat of Stanford's CS229 Course Notes

3•mingtianzhang•11m ago•0 comments

Whats the Max Valid Length (In Bytes) of an Emoji? (2023)

https://machs.space/posts/whats-the-max-valid-length-of-an-emoji/
1•Erenay09•14m ago•0 comments

The Wayland Trojan Horse

https://lainnet.arcesia.net/blog/2025_06_16.html
2•mimasama•15m ago•0 comments

SensorFM: Towards a general intelligence and interface for wearable health data

https://research.google/blog/sensorfm-towards-a-general-intelligence-and-interface-for-wearable-h...
1•nilen•19m ago•0 comments

I Married a Communist

https://cinemasojourns.com/2026/07/13/i-married-a-communist/
1•jjgreen•20m ago•0 comments

European "age verification" "app" forcing everyone to use Android or iOS

https://github.com/eu-digital-identity-wallet/av-doc-technical-specification/discussions/19
4•roundabout-host•23m ago•0 comments

Big Tech Is Turning A.I.'S Dystopia into Reality

https://tribunemag.co.uk/2026/06/big-tech-is-turning-a-i-s-dystopia-into-reality
2•robtherobber•25m ago•0 comments

What Is Google AI Studio Used For?

https://galaxyonknowledge.substack.com/p/what-is-google-ai-studio-used-for
1•galaxyonknowled•29m ago•0 comments

Job queues are deceptively tricky

https://typesanitizer.com/blog/job-queues.html
2•ingve•30m ago•0 comments

Infinities, impossibilities, and the man in the white linen suit

https://iain.so/infinities-impossibilities-and-the-man-in-the-white-linen-suit
2•iainharper•33m ago•0 comments

Alternative(s) to run CUDA on non-Nvidia hardware

https://www.hpcwire.com/2026/07/09/spectral-compute-aims-to-set-cuda-free-will-it-succeed/
14•alok-g•33m ago•2 comments

Odysee: The new YouTube for the far-right (2017)

https://gnet-research.org/2021/02/17/odysee-the-new-youtube-for-the-far-right/
2•robtherobber•34m ago•0 comments

Swiss Army Breaks with Microsoft: "Cyber Command" Relies on Open Source

https://www.heise.de/en/news/Swiss-Army-breaks-with-Microsoft-Cyber-Command-relies-on-Open-Source...
4•vrganj•34m ago•0 comments

The U.S. spent $30B to ditch textbooks for laptops and tablets

https://fortune.com/article/how-did-us-spending-30-billion-dollars-on-laptops-result-in-first-gen...
4•01-_-•35m ago•0 comments

Two Case Studies of NaN

https://sebsite.pw/w/20260709-nan.html
2•theanonymousone•35m ago•1 comments

Apple's iPhone Ultra will be double the price of the iPhone 17 Pro Max

https://mashable.com/tech/apple-iphone-ultra-price-rumor
3•01-_-•36m ago•0 comments

Show HN: Turn any folder of code, SQL schemas into a queryable knowledge graph

https://github.com/Graphify-Labs/graphify
2•adithyaharish•37m ago•0 comments

Ask HN: Does anyone else find GPT-5.6 Sol in Codex slow?

3•linzhangrun•41m ago•1 comments

NSF Launches Project Triad to Advance Quantum Tech for Real-World Applications

https://thequantuminsider.com/2026/07/07/nsf-launches-project-triad-to-advance-quantum-technology...
2•rbanffy•43m ago•0 comments

InfiniteDiffusion: Learned Procedural Open-World Terrain Generation

https://xandergos.github.io/terrain-diffusion/
1•logdahl•43m ago•1 comments

OpenAl Is Showing Kalshi's World Cup Odds in ChatGPT

https://www.nytimes.com/2026/07/13/technology/kalshi-openai-chatgpt-world-cup-odds.html
1•wertyk•45m ago•0 comments