Show HN: Anonymous Age Verification
4 by jwally | 2 comments on Hacker News.
So I'm not an expert in this area, but here's an attempt at cost effective, anonymous, age verification flow that probably covers ~70% of use cases in the United States. The basic premise is to leverage your bank (who already has had to perform KYC on you to open an account) to attest to your age for age-restricted merchant sites (pornhub, gambling, etc) without sharing any more information than necessary. Flow works like this: 1) You go to gambling.com 2) They request you to verify your age 3) You choose "Bank Verification" 4) You trigger a WebAuthn Credential Creation flow 5) gambling.com gives you a string to copy ------------- 6) You log into your bank 7) You go to bank.com/age-verify 8) You paste in the string you were given 9) The bank verifies it/you and creates a signed payload with your age-claims (over_18: true, over_21: false) 10) You copy this and go back to gambling.com --------------- 11) You paste the string back into gambling.com 12) You perform WebAuthn Auth flow 13) gambling.com verifies everything (signatures, webauthn, etc) 14) gambling.com sets a session-cookie and _STRONGLY_ encourages you to create an account (with a pass key). This will prevent you from having to verify your age every time you visit gambling.com The mechanics might feel off, but it feels like this in the neighborhood of a way to perform anonymous age verification. This is virtually free, and requires extremely light infra. Banks can be incentivized with small payments, or offer it because everyone else does and don't want to get left behind.
Sunday, August 31, 2025
Saturday, August 30, 2025
Friday, August 29, 2025
Thursday, August 28, 2025
Wednesday, August 27, 2025
Tuesday, August 26, 2025
New top story on Hacker News: Show HN: SecretMemoryLocker – File Encryption Without Static Passwords
Show HN: SecretMemoryLocker – File Encryption Without Static Passwords
7 by YuriiDev | 0 comments on Hacker News.
I built SecretMemoryLocker ( https://ift.tt/3K57sAi ), a file encryption tool that generates keys dynamically from your answers to personal questions instead of using a static master password. This makes offline brute-force attacks much more difficult. Think of it as a password manager that meets mnemonic seed recovery, but without storing any sensitive keys on disk. Why? I kept losing master passwords and wanted a solution that wasn't tied to a single point of failure. I also wanted to create a "digital legacy" that my family could access only under specific conditions. The core principle is knowledge-based encryption: the key only exists in memory when you provide the correct answers. Status: * MVP is ready for Windows (.exe). * Linux and macOS support is planned. * UI is available in English, Spanish, and Ukrainian. Key Features: * No Static Secrets: No master password or seed phrase is ever stored. The key is reconstructed on the fly. * Knowledge-Based Key Generation: The final encryption key is derived from a combination of your personal answers and file metadata. * Offline Brute-Force Resistance: Uses MirageLoop, a decoy system that activates when incorrect answers are entered. Instead of decrypting real data, it generates an endless sequence of AI-created questions from a secure local database, creating an illusion of progress while keeping your real data untouched. * Offline AI Generation Mode: Optional offline Q&A generator (prototype). How It Works (Simplified): 1) Files are packed into an AES-256 encrypted ZIP archive. 2) A JSON key file stores the questions in an encrypted chain. Each subsequent question is encrypted with a key derived from the previous correct answer and the file's hash. This forces you to answer them sequentially. 3) The final encryption key for the ZIP file is derived by combining the hashes of all your correct answers. The key derivation formula looks like this: K_final = SHA256(H(answer1+file_hash) + H(answer2+file_hash) + ...) (Note: We are aware that a fast hash like SHA256 is not ideal for a KDF. We plan to migrate to Argon2 in a future release to further strengthen resistance against brute-force attacks.) To encrypt, you provide a file. This creates two outputs: your_file.txt → your_file_SMLkey.json + your_file_SecretML.zip To decrypt, you need both files and the correct answers. Install & Quick Start: Download the EXE from GitHub Releases (no dependencies needed): https://ift.tt/cy2ZRuK Encrypt: SecretMemoryLocker.exe --encrypt "C:\docs\important.pdf" Decrypt: SecretMemoryLocker.exe --decrypt "C:\docs\important_SMLkey.json" I would love to get your feedback on the concept, the user experience, and any security assumptions I've made. Thanks!
7 by YuriiDev | 0 comments on Hacker News.
I built SecretMemoryLocker ( https://ift.tt/3K57sAi ), a file encryption tool that generates keys dynamically from your answers to personal questions instead of using a static master password. This makes offline brute-force attacks much more difficult. Think of it as a password manager that meets mnemonic seed recovery, but without storing any sensitive keys on disk. Why? I kept losing master passwords and wanted a solution that wasn't tied to a single point of failure. I also wanted to create a "digital legacy" that my family could access only under specific conditions. The core principle is knowledge-based encryption: the key only exists in memory when you provide the correct answers. Status: * MVP is ready for Windows (.exe). * Linux and macOS support is planned. * UI is available in English, Spanish, and Ukrainian. Key Features: * No Static Secrets: No master password or seed phrase is ever stored. The key is reconstructed on the fly. * Knowledge-Based Key Generation: The final encryption key is derived from a combination of your personal answers and file metadata. * Offline Brute-Force Resistance: Uses MirageLoop, a decoy system that activates when incorrect answers are entered. Instead of decrypting real data, it generates an endless sequence of AI-created questions from a secure local database, creating an illusion of progress while keeping your real data untouched. * Offline AI Generation Mode: Optional offline Q&A generator (prototype). How It Works (Simplified): 1) Files are packed into an AES-256 encrypted ZIP archive. 2) A JSON key file stores the questions in an encrypted chain. Each subsequent question is encrypted with a key derived from the previous correct answer and the file's hash. This forces you to answer them sequentially. 3) The final encryption key for the ZIP file is derived by combining the hashes of all your correct answers. The key derivation formula looks like this: K_final = SHA256(H(answer1+file_hash) + H(answer2+file_hash) + ...) (Note: We are aware that a fast hash like SHA256 is not ideal for a KDF. We plan to migrate to Argon2 in a future release to further strengthen resistance against brute-force attacks.) To encrypt, you provide a file. This creates two outputs: your_file.txt → your_file_SMLkey.json + your_file_SecretML.zip To decrypt, you need both files and the correct answers. Install & Quick Start: Download the EXE from GitHub Releases (no dependencies needed): https://ift.tt/cy2ZRuK Encrypt: SecretMemoryLocker.exe --encrypt "C:\docs\important.pdf" Decrypt: SecretMemoryLocker.exe --decrypt "C:\docs\important_SMLkey.json" I would love to get your feedback on the concept, the user experience, and any security assumptions I've made. Thanks!
Monday, August 25, 2025
Sunday, August 24, 2025
Saturday, August 23, 2025
Friday, August 22, 2025
Thursday, August 21, 2025
New top story on Hacker News: Show HN: Tool shows UK properties matching group commute/time preferences
Show HN: Tool shows UK properties matching group commute/time preferences
5 by fryingdan | 3 comments on Hacker News.
I came up with this idea when I was looking to move to London with a friend. I quickly learned how frustrating it is to trial-and-error housing options for days on end, just to be denied after days of searching due to some grotesque counteroffer. To add to this, finding properties that meet the budgets, commuting preferences and work locations of everyone in a group is a Sisyphean task - it often ends in failure, with somebody exceeding their original budget or somebody dropping out. To solve this I built a tool ( https://closemove.com/ ) that: - lets you enter between 1-6 people’s workplaces, budgets, and maximum commute times - filters public rental listings and only shows the ones that satisfy everyone’s constraints - shows results in either a list or map view No sign-up/validation required at present. Currently UK only, but please let me know if you'd want me to expand this to your city/country. This currently works best in London (with walking, cycling, driving and public transport links connected), and works decently in the rest of the UK (walking, cycling, driving only). This started as a side project and it still needs improvement. I’d appreciate any feedback!
5 by fryingdan | 3 comments on Hacker News.
I came up with this idea when I was looking to move to London with a friend. I quickly learned how frustrating it is to trial-and-error housing options for days on end, just to be denied after days of searching due to some grotesque counteroffer. To add to this, finding properties that meet the budgets, commuting preferences and work locations of everyone in a group is a Sisyphean task - it often ends in failure, with somebody exceeding their original budget or somebody dropping out. To solve this I built a tool ( https://closemove.com/ ) that: - lets you enter between 1-6 people’s workplaces, budgets, and maximum commute times - filters public rental listings and only shows the ones that satisfy everyone’s constraints - shows results in either a list or map view No sign-up/validation required at present. Currently UK only, but please let me know if you'd want me to expand this to your city/country. This currently works best in London (with walking, cycling, driving and public transport links connected), and works decently in the rest of the UK (walking, cycling, driving only). This started as a side project and it still needs improvement. I’d appreciate any feedback!
Wednesday, August 20, 2025
Tuesday, August 19, 2025
Monday, August 18, 2025
Sunday, August 17, 2025
New top story on Hacker News: Show HN: NextDNS Adds "Bypass Age Verification"
Show HN: NextDNS Adds "Bypass Age Verification"
20 by nextdns | 3 comments on Hacker News.
We just shipped a new feature in NextDNS: Bypass Age Verification. More and more sites (especially adult ones) are now forcing users to upload IDs or selfies to continue. We think that’s a terrible idea: handing over government documents to random sites is a huge privacy risk. This new setting workarounds those verification flows via DNS tricks. It’s available today to all users, including free accounts. We’re curious how the HN community feels about this. Is it the right way to protect privacy online, or will it just provoke regulators to push harder? https://nextdns.io
20 by nextdns | 3 comments on Hacker News.
We just shipped a new feature in NextDNS: Bypass Age Verification. More and more sites (especially adult ones) are now forcing users to upload IDs or selfies to continue. We think that’s a terrible idea: handing over government documents to random sites is a huge privacy risk. This new setting workarounds those verification flows via DNS tricks. It’s available today to all users, including free accounts. We’re curious how the HN community feels about this. Is it the right way to protect privacy online, or will it just provoke regulators to push harder? https://nextdns.io
Saturday, August 16, 2025
Friday, August 15, 2025
Thursday, August 14, 2025
Wednesday, August 13, 2025
Tuesday, August 12, 2025
Monday, August 11, 2025
New top story on Hacker News: Show HN: Play Pokémon to unlock your Wayland session
Show HN: Play Pokémon to unlock your Wayland session
3 by anajimi | 2 comments on Hacker News.
Hello everyone! I've created a gameboy emulator to unlock my Wayland session and wanted to share this project to everyone here! I've been a Linux enthusiast since I was a kid. What always captivated me was the freedom to customize my system exactly the way I wanted. With Wayland, we've reached an incredible level of performance. It's like turning your operating system into a video game! I've always been fascinated by the blend of fun and the serious, technical nature of an OS. That’s what inspired me to create this project. I started by studying Wayland, its protocol and how to build a compositor. Then I became particularly intrigued by the concept of a locker, which reminded me a bit of an escape game. That’s when I thought: how cool would it be to solve a puzzle to unlock your session, instead of just typing a password? Since I’ve worked with emulators in the past and I’m a huge Pokémon fan, the idea of building the puzzle around that game came to me instantly! Technically, the locker code and the wayland protocol have been implemented from scratch ( using EGL and wl_keyboard_listeners ). My locker runs a version of the gbcc emulator modded by myself. This emulator waits for one precise value to be set in a given memory address. I have modded the Pokémon game to my needs: when the password is good, I put the good value in the good memory address so the emulator knows it needs to unlock the session. Hope you will appreciate this project!
3 by anajimi | 2 comments on Hacker News.
Hello everyone! I've created a gameboy emulator to unlock my Wayland session and wanted to share this project to everyone here! I've been a Linux enthusiast since I was a kid. What always captivated me was the freedom to customize my system exactly the way I wanted. With Wayland, we've reached an incredible level of performance. It's like turning your operating system into a video game! I've always been fascinated by the blend of fun and the serious, technical nature of an OS. That’s what inspired me to create this project. I started by studying Wayland, its protocol and how to build a compositor. Then I became particularly intrigued by the concept of a locker, which reminded me a bit of an escape game. That’s when I thought: how cool would it be to solve a puzzle to unlock your session, instead of just typing a password? Since I’ve worked with emulators in the past and I’m a huge Pokémon fan, the idea of building the puzzle around that game came to me instantly! Technically, the locker code and the wayland protocol have been implemented from scratch ( using EGL and wl_keyboard_listeners ). My locker runs a version of the gbcc emulator modded by myself. This emulator waits for one precise value to be set in a given memory address. I have modded the Pokémon game to my needs: when the password is good, I put the good value in the good memory address so the emulator knows it needs to unlock the session. Hope you will appreciate this project!
Sunday, August 10, 2025
Saturday, August 9, 2025
Friday, August 8, 2025
Thursday, August 7, 2025
New top story on Hacker News: GPT-5: Key characteristics, pricing and system card
GPT-5: Key characteristics, pricing and system card
107 by Philpax | 28 comments on Hacker News.
System card: https://ift.tt/SnPKQUH...
107 by Philpax | 28 comments on Hacker News.
System card: https://ift.tt/SnPKQUH...
Wednesday, August 6, 2025
Tuesday, August 5, 2025
Monday, August 4, 2025
Sunday, August 3, 2025
Saturday, August 2, 2025
Friday, August 1, 2025
New top story on Hacker News: Show HN: TraceRoot – Open-source agentic debugging for distributed services
Show HN: TraceRoot – Open-source agentic debugging for distributed services
10 by xinweihe | 0 comments on Hacker News.
Hey Xinwei and Zecheng here, we are the authors of TraceRoot ( https://ift.tt/0intYSb ). TraceRoot ( https://traceroot.ai ) is an open-source debugging platform that helps engineers fix production issues faster by combining structured traces, logs, source code contexts and discussions in Github PRs, issues and Slack channels, etc. with AI Agents. At the heart are our lightweight Python ( https://ift.tt/s07MzWj ) and TypeScript ( https://ift.tt/LOFJDxj ) SDKs - they can hook into your app using OpenTelemetry and captures logs and traces. These are either sent to a local Jaeger ( https://ift.tt/PIspe6o ) + SQLite backend or to our cloud backend, where we correlate them into a single view. From there, our custom agent takes over. The agent builds a heterogeneous execution tree that merges spans, logs, and GitHub context into one internal structure. This allows it to model the control and data flow of a request across services. It then uses LLMs to reason over this tree - pruning irrelevant branches, surfacing anomalous spans, and identifying likely root causes. You can ask questions like “what caused this timeout?” or “summarize the errors in these 3 spans”, and it can trace the failure back to a specific commit, summarize the chain of events, or even propose a fix via a draft PR. We also built a debugging UI that ties everything together - you explore traces visually, pick spans of interest, and get AI-assisted insights with full context: logs, timings, metadata, and surrounding code. Unlike most tools, TraceRoot stores long-term debugging history and builds structured context for each company - something we haven’t seen many others do in this space. What’s live today: - Python and TypeScript SDKs for structured logs and traces. - AI summaries, GitHub issue generation, and PR creation. - Debugging UI that ties everything together TraceRoot is MIT licensed and easy to self-host (via Docker). We support both local mode (Jaeger + SQLite) and cloud mode. Inspired by OSS projects like PostHog and Supabase - core is free, enterprise features like agent mode multi-tenant and slack integration are paid. If you find it interesting, you can see a demo video here: https://www.youtube.com/watch?v=nb-D3LM0sJM We’d love you to try TraceRoot ( https://traceroot.ai ) and share any feedback. If you're interested, our code is available here: https://ift.tt/0intYSb . If we don’t have something, let us know and we’d be happy to build it for you. We look forward to your comments!
10 by xinweihe | 0 comments on Hacker News.
Hey Xinwei and Zecheng here, we are the authors of TraceRoot ( https://ift.tt/0intYSb ). TraceRoot ( https://traceroot.ai ) is an open-source debugging platform that helps engineers fix production issues faster by combining structured traces, logs, source code contexts and discussions in Github PRs, issues and Slack channels, etc. with AI Agents. At the heart are our lightweight Python ( https://ift.tt/s07MzWj ) and TypeScript ( https://ift.tt/LOFJDxj ) SDKs - they can hook into your app using OpenTelemetry and captures logs and traces. These are either sent to a local Jaeger ( https://ift.tt/PIspe6o ) + SQLite backend or to our cloud backend, where we correlate them into a single view. From there, our custom agent takes over. The agent builds a heterogeneous execution tree that merges spans, logs, and GitHub context into one internal structure. This allows it to model the control and data flow of a request across services. It then uses LLMs to reason over this tree - pruning irrelevant branches, surfacing anomalous spans, and identifying likely root causes. You can ask questions like “what caused this timeout?” or “summarize the errors in these 3 spans”, and it can trace the failure back to a specific commit, summarize the chain of events, or even propose a fix via a draft PR. We also built a debugging UI that ties everything together - you explore traces visually, pick spans of interest, and get AI-assisted insights with full context: logs, timings, metadata, and surrounding code. Unlike most tools, TraceRoot stores long-term debugging history and builds structured context for each company - something we haven’t seen many others do in this space. What’s live today: - Python and TypeScript SDKs for structured logs and traces. - AI summaries, GitHub issue generation, and PR creation. - Debugging UI that ties everything together TraceRoot is MIT licensed and easy to self-host (via Docker). We support both local mode (Jaeger + SQLite) and cloud mode. Inspired by OSS projects like PostHog and Supabase - core is free, enterprise features like agent mode multi-tenant and slack integration are paid. If you find it interesting, you can see a demo video here: https://www.youtube.com/watch?v=nb-D3LM0sJM We’d love you to try TraceRoot ( https://traceroot.ai ) and share any feedback. If you're interested, our code is available here: https://ift.tt/0intYSb . If we don’t have something, let us know and we’d be happy to build it for you. We look forward to your comments!
Subscribe to:
Posts (Atom)