Hacker Newsnew | past | comments | ask | show | jobs | submit | IntToDouble's commentslogin

The first rule of Show HN is, "don't give me a playground where it looks like I can push the button and then force me to auth when I actually do click the button, expecting magic on the other side."

The second rule of Show HN is, "YOU DO NOT FORCE USERS TO AUTHENTICATE AFTER THEY'VE CLICKED THE BUTTON."


:saluting_face we debated whether to do or not to do it like this. We were scared of people scraping us (among other things) and decided to be bad


Rate-limited Playground Only key? Lock to requests for said key to be only permitted from the exact referrer? Give me one free and then auth?

¯\_(ツ)_/¯

I just want to try before I buy, sir.


Direct link to the retrospective:

https://securityalliance.notion.site/A-Squarespace-Retrospec...


Direct link to an unofficial and 3rd party retrospective, it would seem.

> As Squarespace has yet to release an official statement or postmortem, the following is our strongest theory on how the threat actor was able to gain initial access to Squarespace accounts. It is the most likely explanation given the information we collected from numerous affected companies and experiments we ran ourselves.


Puzzling they chose to partner with Onerep when Kanary was part of Mozilla's incubator and is just a fundamentally stellar service.


"Puzzling" is a good description of just about every business decision Mozilla has made over at least the last decade.

People complain about the Google search deal and I get why, but I've been using the browser since back when it was called Phoenix, and at this point I'm pretty sure the Google deal is the only reason it's still alive. The engineering is still solid; its stewardship seems anything but.


Can you share more?


In terms of the incubator, looks like it was replaced with Mozilla Ventures:

https://builders.mozilla.community/ https://builders.mozilla.community/old/alumni.html

With respect to Kanary, I have my entire family the platform and it's drastically reduced the amount of garbage (figurative) that comes through our door. Needed help with something non-standard the CEO personally took care of things while learning more about our specific use case.


Second the recommendation for Kanary. Formerly had a lot of inbound spam, has seriously cut it.


The Laws of Human Nature by Robert Greene

48 Laws of Power by Robert Greene

BigCo shenanigans will never look the same!


Oh man so many books from my personal collection showing up here!!


Our twist on the family email is to have $VARIABLE@domain.com point to a Google Group that for the moment, only goes to the adults in the room. Makes sorting/labeling things significantly easier.

$KID1@domain.com, $PET2@domain.com, $HOUSE1@domain.com, etc.


Does it bother you that the list won't sort correctly when you hit HOUSE10 or are you already padding a 0 on there?


Variables are expanded in this case so the sorting is already lost :-)


Self plug but high relevancy - measuring keystrokes-per-second to convert the characters saved into actual $TIME.

Calculation for "the" from the screenshot in the repo:

9933 characters saved / 8 kps = ~20 minutes

https://www.inttodouble.com/explore/keystrokes-per-second


Cheapest being humans.


Not necessarily. Maybe currently, but perhaps not in the future.


+1 for Kanary.

The amount of time/effort/rage that goes into dealing with a stolen identity makes paying for this a no-brainer.


Why thank you!


+1 on weight lifting.

Issues began when I stopped lifting. Since then, they flare/fade according to the 90 day trend line of gym attendance.


not scientific evidence but just one more data point to corroborate this line of thought.

i never had even the slightest wrist problems during 26 years of typing and software development - but i've also never stopped exercising, including frequent weight-lifting.


https://www.inttodouble.com/

The loose theme is intended to be how making incremental improvements in the thousands of tiny things we do each day compound to make a difference over the course of our lives.

In practice, it serves more as a publishing ground for a bunch of random things that need to be put on paper/into code.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: