Hacker Newsnew | past | comments | ask | show | jobs | submit | fady0's commentslogin

I wasn't gonna read the article but your comment made me open the link, you're so right, I can't stop laughing.

reply


The weird thing is I generally agree with Gary on most of his points. He makes interesting observations that often turn out to be correct. But the Gary Marcus blog post pattern cannot be denied.

reply


It did it without my permission, it's a small model to rename and group tabs, though, no more than 50M in size.


wait, hang on, I can't be the only person with 300 tabs open for whom that would actually be useful


Next.js isn't just a static site generator.


Astro isn't just a static site generator either. Not sure what your point is.


[flagged]


Did YOU even bother to look at their site? They support more than static generation, including SSR and even API endpoints. That means Astro has a server that can run server-side (or serverless) to do more than static site generation, so it's not just a static site generator either.

And yes I can see you're posting the same lie all over the comments here.

Stop being a potty mouth.


This guy's has been spamming hn for a while, I have seen this site 3 times already, to op no one is going to buy or subscribe to your services if you keep spamming like that.


Happy new year to you all!


Aren’t these codes supposed to have a timeout, like you have to use them within 10 minutes or they become invalid?


Sure, but say the implementation lets you try 5 codes in that 10 minutes with a 30 minute lockout. An attacker could trigger Account Recovery, blindly try 5 six-digit codes immediately, and have a 0.0005% chance getting into your account.

They could script this to run over a long period of time targeting 1 account, or they could target many accounts at once, and would probably have success.


This is my biggest gripe with email auth or any kind of security code via sms/mms. I pray for the day I can fully move to a passwordless setup and break free the mess of email addresses spaghetti and phone numbers.


It’s probably easier to just have an exception log when someone(s) have 100 bad password attempts in a day or whatever.


Feel free to implement something that sends a UUID, and deal with the complaints instead.


I've implemented otp codes / magic links many times now. They absolutely always have a timeout. Say 30 minutes.


I am a MacWhisper Pro user, and I successfully transcribed and translated a 15-hour course inside the app without any issues


The only way to talk to anyone at Google is to be friends with Sergey Brin and Larry Page.

I lost my Gmail account five years ago, and I still do not have access to it.


Thanks - I hadn't realised there isn't even some minimal form you can submit and get generic responses on. I just tested the recovery process (https://accounts.google.com/signin/recovery).

If you don't have enough information for them to reset, Google just provide links to instructions to not be locked out in future, and to create a new account.


The problem is I have the phone number, recovery keys and recovery email, I can provide more info if needed, this is not enough for Google to return my Gmail.

Right now I am using mail that is on my domian name, so I can back up my stuff and go at any time.


Reddit's subreddits can sometimes create echo chambers(all the big sub reddit are like that), and depending on the moderators' viewpoints, you might find opposite opinions in different communities.


you should add zen browser[1] too, i tried some from your list, librewolf breaks some websites (online banking doesn't work) floorp is a good one, but in my experience zen is better.

1: https://github.com/zen-browser/desktop


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: