frontpage.
newsnewestaskshowjobs

Open Source @Github

fp.

After Such Knowledge

https://www.5jt.com/after-such-knowledge
1•tosh•14s ago•0 comments

The Reverse Information Paradox

https://twitter.com/satyanadella/status/2076323181154230284
1•wslh•1m ago•0 comments

Show HN: Datapoint – API for Human Preference Data

https://trydatapoint.com/docs/
2•yoloakki•1m ago•0 comments

Show HN: Cascade Chat – A Hackable IRCv3 Client for macOS, Windows, and Linux

https://github.com/matt0x6F/irc-client
2•oooyay•2m ago•0 comments

Fed Chairman Kevin Warsh pledges Fed policy regime change to rid inflation tax

https://www.cnbc.com/2026/07/14/warsh-promises-inflation-will-be-a-thing-of-the-past-cites-benefi...
1•donsupreme•4m ago•0 comments

Meta used AI to target workers with medical conditions for layoffs

https://www.reuters.com/world/meta-used-ai-target-workers-with-medical-conditions-layoffs-former-...
4•nlpnerd•4m ago•0 comments

The Agent Loop Is the New SaaS

https://lobu.ai/blog/the-agent-loop-is-the-new-saas/
1•buremba•4m ago•0 comments

The US Approves Launch of Mirror Satellite That Can Reflect Sunlight at Night

https://www.wired.com/story/reflect-orbital-earendil-mirror-satellite-fcc/
1•achristmascarl•4m ago•1 comments

Show HN: Manifest – Turn any webpage into a structured action manifest for agent

https://demo.manifest.omfang.io/demo
2•Maxnordstrom•5m ago•0 comments

Software hiring has become absurd

https://twitter.com/DanielGlejzner/status/2076985401915429296
2•bilsbie•6m ago•0 comments

You have zero privacy anyway. Get over it

https://www.techradar.com/pro/quote-of-the-day-by-sun-microsystems-ceo-scott-mcnealy-you-have-zer...
1•theanonymousone•7m ago•1 comments

Honeycomb Structures Spotted on Mars

https://www.space.com/astronomy/mars/honeycomb-structures-spotted-on-mars-space-photo-of-the-day-...
1•speckx•7m ago•0 comments

Chefkiss Inferno: Open-Source Apple Silicon Emulator

https://chefkiss.dev/applehax/inferno/
1•jeswin•12m ago•1 comments

Wirehead (Science Fiction)

https://en.wikipedia.org/wiki/Wirehead_(science_fiction)
2•cainxinth•12m ago•0 comments

Microsoft Confirms Windows GDID Device Identifier That Cannot Be Disabled

https://www.ghacks.net/2026/07/12/microsoft-confirms-windows-gdid-device-identifier-that-cannot-b...
1•doener•12m ago•0 comments

Old Icons

https://leancrew.com/all-this/2026/07/old-icons/
1•surprisetalk•13m ago•0 comments

Claude for Teachers

https://www.anthropic.com/news/claude-for-teachers
1•surprisetalk•13m ago•0 comments

Show HN: Noteato – Notion-like notes as local Markdown files

https://github.com/shashankbhat2/noteato
2•dankbhat26•13m ago•0 comments

New York to enact nation's first statewide data center moratorium

https://gothamist.com/news/hochul-puts-hold-on-large-data-centers-in-new-york
1•PLenz•14m ago•1 comments

Aevum – Free AI RPG engine for Claude with persistent factions and economy

https://github.com/RukkaNova/aevum-realm-architect
1•arcanumrpgs•14m ago•0 comments

Why Claude uses the browser like a drunk intern, and how to fix it

https://pluno.ai/blog/why-claude-uses-browser-like-drunk-intern
2•korabs•14m ago•1 comments

If(Facebook == PornBook) Delete Facebook;

1•theoutfield•16m ago•0 comments

Progress orders emergency ShareFile server shutdown over mystery security threat

https://www.theregister.com/security/2026/07/13/progress-orders-emergency-sharefile-server-shutdo...
1•toomuchtodo•16m ago•1 comments

Count the Bytes, Not the FLOPs

https://thepragmaticquant.com/why-we-stopped-materializing-arrays/
1•sgilda•17m ago•0 comments

Show HN: Codynet – free, privacy-first DNS and network tools

https://codynet.com
1•codymisc•17m ago•0 comments

We asked Meta's new model to build things its team had rejected

https://github.com/adelinamart/robrain/tree/main/packages/vetobench/results/muse-spark-1.1-series
1•mart1adelina•17m ago•0 comments

Show HN: I built a smart proxy so your coding agent can run loose

https://trollbridge.dev/
1•dandriscoll•17m ago•0 comments

OpenAI Plans to Win over Doctors, Patients and Hospitals

https://www.forbes.com/sites/amyfeldman/2026/07/07/how-openai-plans-to-win-over-doctors-patients-...
1•brandonb•18m ago•0 comments

The MCP debate has a context problem

https://thenewstack.io/mcp-enterprise-agent-governance/
1•Brajeshwar•19m ago•0 comments

Open-Source APK Secret Scanner: Dexpose

https://github.com/zuhayrb/dexpose
1•ZuhayrBarhoumi•20m ago•0 comments
Open in hackernews

OpenAI mandates hardware-backed passkeys for Trusted Access Cyber members

https://www.yubico.com/blog/openai-mandates-hardware-backed-passkeys-for-trusted-access-cyber-members-to-log-into-chatgpt-accounts/
37•speckx•1h ago

Comments

rahidz•38m ago
Does this apply to anyone who verified their ID to get access to the slightly less restricted Codex versions, or only to security professionals who have the almost-entirely unrestricted version?
Zenul_Abidin•10m ago
This is what I want to know too. I already gave them my ID, and I won't be happy if they put more barriers to my usage
nicce•36m ago
I hope that at some point this is not developing to remote attestation when only "permitted" devices can use the models.
gustavus•32m ago
We all know that's where they are going with this.
inigyou•28m ago
No, that would almost certainly defeat the point of selling the models.

Hardware 2FA is not a new concept and is recommended by many people for many purposes. Only the authentication token is attested, and that is the purpose of an authentication token.

nicce•23m ago
> No, that would almost certainly defeat the point of selling the models.

If the best models are so anticipated that people do anything to get them, seems like remote attestation fits perfectly here. There is no need to use it for lower quality models which are used by masses. Instead, it even works for marketing narrative where they do everything they can that their great models are used only those devices they allow, and no <name your country> can't easily use them. Maybe even helps setting higher price.

inigyou•4m ago
If they're not useful they can't sell them. If Mythos only runs on iPhone, what good is it for cyber security research?
3form•23m ago
If it will, it will be with smartphones. YubiKeys don't quite have the properties sought here.
UltraSane•10m ago
Or even only letting the model be used via remote desktop style access.
random3•34m ago
It’s an advertisement by Yubikey - the hardware key manufacturer
jeroenhd•26m ago
I tried enabling their "advanced security" programme on my account and it's currently refusing to continue without at least 2 keys configured.

The first "hardware key" is actually my Bitwarden faking a hardware key (I'm sure they'll start blocking BW because of this in the future) but it doesn't let me add a second one unfortunately.

netruk44•11m ago
It’s a security feature, Apple does the same when you register a security key. You must register two.

If you’re using real yubikeys, it’s protection against losing one. If you had two from the start, you’re not at risk of losing your only way into your account when one goes missing or is stolen.

jmole•25m ago
Cobranded YubiKeys? Weird flex but ok.

Seriously though if you are letting agents do whatever they want without a PR process that requires hardware authentication or proof of presence, you are putting your code and your org at high risk.

kirab•18m ago
> Cobranded YubiKeys

More interesting than that even, a tier of YubiKeys that does not exist outside of this cooperation.

The supported features sit between a YubiKey 5C and a Security Key C and I did not find any other way to purchase this tier.

jallmann•2m ago
> want without a PR process that requires hardware authentication or proof of presence

Just curious, what do you use for this?

I built OTP Guard [1] a few years ago for exactly this problem, although I haven't seen any alternatives in the space. Does GitHub have something built-in now?

The original framing was more "local malware compromising your GitHub account" ... it never occurred to me that the malware could be a LLM. I really should update the website.

[1] https://otpguard.com

UltraSane•11m ago
I was actually thinking they would have to do this. Having to mail a physical token to a valid address is a extremely powerful access control method.
alberth•4m ago
Dumb question: is using the built in passkey support on my iPhone not considered “hardware-backed”, since iPhone is using device biometrics?