frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

Chrome's SSL Bypass Cheatcode

https://thomascountz.com/2025/07/17/chromes-ssl-bypass-cheatcode
28•thomascountz•4h ago

Comments

eugenekolo•1h ago
It's possible they changed it from "thisisunsafe" to the b64 version to avoid automatic scanners finding "unsafe" keyword usage.
_def•50m ago
I wonder if this is for quicker testing that happens recurringly (either automated or a poor soul doing it manually) where letting the phrase type by script is just easier than doing the 2 mouse clicks
almostgotcaught•43m ago
Jesus Christ thank god for this! Recently libgen ceased to be accessible because of this and I couldn't figure out any way to disable (on Firefox as well!). Bless you.
chatmasta•38m ago
Well hopefully the blog doesn’t get too much visibility or they’ll change the string again :)

Sounds like the right place to look is the chromium commit log…

molticrystal•4m ago
Even if they change it, as long as the feature is available, a quick glance at the source code for the handleKeypress function will find the new string.

I use it so infrequently that is how I find it when I forget the exact phrasing.

Failing an explicit keypress sequence, maybe a userscript that can do the

    var certificateErrorPageController;
    if (window.certificateErrorPageController) {
        certificateErrorPageController.proceed();
    }
Which is what it seems the script is eventually calling, of course that depends on how long that works in non-developer builds as well.
pyrolistical•35m ago
Is this easier for screen readers to bypass?
Y_Y•29m ago
If I want to load some unencrypted data my browser better fucking let me do it. I don't mind if I have to give a secret handshake, but I have no sympathy for lusers who type "thisisunsafe" and then make it someone else's problem when their expectations of "safety" are violated.
AnthonyMouse•11m ago
We started off with SSL/TLS being used for payments systems and logins where its absence is very important to not ignore. Then we said we should use it for everything, which is good, but now it's showing up in different contexts.

If it says the certificate for your bank is expired, you need to stop. If it says the certificate for the 10 year old public blog post that was linked by a 5 year old Reddit post as describing the solution to your problem, that should not matter, and you just want to read the non-secret contents of whatever is on that page regardless of whether the site's maintainer turned on HTTP to HTTPS redirects and then neglected to renew the certificate.

And people understand this, and people are rightfully going to devise workarounds for the second case, and it's ridiculous to expect them to not.

alt187•1m ago
To be fair, you can click Advanced > Continue to something or other to bypass the SSL warning. I wonder what's the use of this specific cheahcode.
sigio•24m ago
I've been using this a lot (when testing), but I wish firefox/mozilla had something equivalent, because with HSTS domains, it's hard to bypass cert issues in firefox.

Show HN: Chrome extension to optimize your site for ChatGPT search results

https://github.com/codingdelta/llm-search-terms-extension
1•futureisnow23•8m ago•0 comments

Belgium Is Not Just Chocolate and Beer – It's Also Semiconductors

https://cepa.org/article/belgium-is-not-just-chocolate-and-beer-its-also-semiconductors/
1•sc90•11m ago•0 comments

Logical implication is a comparison operator

https://btdmaster.bearblog.dev/logical-implication-as-comparison/
2•btdmaster•12m ago•0 comments

Google hides secret message in name list of 3,295 AI researchers

https://arstechnica.com/information-technology/2025/07/why-it-takes-3295-people-to-write-one-google-ai-paper/
1•LorenDB•14m ago•0 comments

API Security in IAM: Architecture, Best Practices, and Threat Mitigation

https://guptadeepak.com/securing-apis-in-identity-and-access-management-a-comprehensive-guide-for-modern-organizations/
1•guptadeepak•15m ago•1 comments

WireGuard client for macOS doesn't support split tunneling so I made one

https://medium.com/@bajajvikash/wireguard-client-for-macos-doesnt-support-split-tunneling-so-i-made-one-f1f53ea790fc
3•scottydelta•15m ago•0 comments

Show HN: Being a "100x developer": added DB adapters for MySQL, Postgres, SQLite

https://github.com/Qbix/Platform/commits/refactor/DbQuery/
1•EGreg•15m ago•1 comments

Ask HN: What should we do about state ID legislation?

2•VerdisQuo5678•18m ago•4 comments

The Patterns of Elites Who Conceal Their Assets Offshore

https://home.dartmouth.edu/news/2025/07/patterns-elites-who-conceal-their-assets-offshore
53•cval26•18m ago•11 comments

Reading in the Age of AI

https://damngrav.substack.com/p/daily-grind-july-17-2025-ai-and-the
2•bputano•19m ago•0 comments

Roblox New AI Feature Will Estimate Teenager's Age Through Video Selfies

https://corp.roblox.com/newsroom/2025/07/advancing-safety-on-roblox-with-age-based-communication
2•HelloUsername•22m ago•0 comments

Linux has over 6% of the desktop market? Yes, you read that right

https://www.zdnet.com/article/linux-has-over-6-of-the-desktop-market-yes-you-read-that-right-heres-how/
2•CrankyBear•22m ago•2 comments

Michael Mizrachi Crushes 2025 World Series of Poker Main Event

https://www.cardplayer.com/poker-news/year-of-the-grinder-michael-mizrachi-crushes-world-series-of-poker-main-event
1•indigodaddy•23m ago•0 comments

Trump Executive Order to Help Open Up 401(k)s to Private Markets

https://www.wsj.com/finance/investing/trump-executive-order-to-help-open-up-401-k-s-to-private-markets-c90c6788
1•handfuloflight•24m ago•1 comments

Kiro Pauses Downloads

https://kiro.dev/downloads/
5•krthr•25m ago•3 comments

Stable Channel Update for Desktop

https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html
1•taubek•27m ago•0 comments

Introducing Figma's new (liquid) glass effect

https://www.youtube.com/watch?v=H_HN0nwdox0
2•bundie•27m ago•0 comments

Monorail: Pioneering $999 PCs from 1996

https://dfarq.homeip.net/monorail-the-pioneering-999-pc-from-1996/
1•naves•28m ago•1 comments

Extreme skydiver Baumgartner dies in paragliding accident

https://www.dw.com/en/extreme-skydiver-baumgartner-dies-in-paragliding-accident/a-73317216
22•selectAll•28m ago•9 comments

Quicksilver v2: evolution of a globally distributed key-value store (Part 2)

https://blog.cloudflare.com/quicksilver-v2-evolution-of-a-globally-distributed-key-value-store-part-2-of-2/
3•emschwartz•29m ago•1 comments

Coldplay's Kiss Cam Exposes Astronomer's CEO Andy Byron Alleged Affair

https://whereisthebuzz.com/coldplays-kiss-cam-exposes-astronomers-ceo-andy-byron-alleged-affair-with-hr-chief-kristin-cabot/
5•wslh•31m ago•1 comments

Oldest president to seek eighth term

https://www.bbc.com/news/articles/ckglpnk0kqko
2•gmays•32m ago•0 comments

Windsurf Wave 11 Released

https://twitter.com/windsurf_ai/status/1945918283313725794
1•agtestdvn•32m ago•0 comments

Thiamine Deficiency and Neuroinflammation Contribute to Alcohol Use Disorder

https://www.mdpi.com/1873-149X/32/3/34
3•PaulHoule•33m ago•0 comments

Hydrogen Engine of the Future

https://hackaday.io/project/203285-hydrogen-engine-of-the-future
1•Reznicek•33m ago•0 comments

Taikyoku Shogi

https://en.wikipedia.org/wiki/Taikyoku_shogi
1•xk3•34m ago•0 comments

"Even God Cannot Hear Us Here": What I Witnessed Inside an ICE Women's Prison

https://www.vanityfair.com/news/story/rumeysa-ozturk-what-i-witnessed-inside-an-ice-womens-prison
10•tastyface•34m ago•3 comments

Show HN: Flight status UI concept I coded

https://codepen.io/turbokit/pen/vEOqzve
1•turbokit•34m ago•1 comments

Ask HN: Tor Hidden Services

1•atomic128•34m ago•0 comments

Oregon Trail where dysentery makes you pull over to poop, constantly

https://www.gamesradar.com/games/adventure/theres-a-free-version-of-the-oregon-trail-where-you-start-out-with-dysentery-and-have-to-make-it-across-the-country-without-pooping-your-pants/
1•JohnHendrix•34m ago•1 comments