Hacker News with Generative AI: Security

Proof-of-work to protect lore.kernel.org and git.kernel.org against AI crawlers (kernel.org)
I'm sad to say that we're following the lead of many others and putting in proof-of-work proxies into place to protect ourselves against "AI" crawler bots. Yes, I hate this as much as you, but all other options are currently worse (such as locking us into specific vendors).We'll be rolling it out on lore.kernel.org and git.kernel.org in the next week or so.

Security, Artificial Intelligence, Open Source, Software

48 points by luu 3 hours ago | 59 comments

Tell HN: Google Authenticator lost all of my codes (ycombinator.com)

Security, Two-Factor Authentication, Google Authenticator

8 points by maxbond 4 hours ago | 7 comments

Gmail Users Can Send Encrypted Email to Anyone (forbes.com)
Gmail gets EE2E as it turns 21.

Email, Encryption, Security, Gmail

7 points by taubek 5 hours ago | 2 comments

GitHub found 39M secret leaks in 2024. Here's what we're doing to help (github.blog)
If you know where to look, exposed secrets are easy to find. Secrets are supposed to prevent unauthorized access, but in the wrong hands, they can be—and typically are—exploited in seconds.

Security, Data Breaches, Software Development, GitHub

6 points by gnabgib 6 hours ago | 1 comments

Record thefts boost North Korea to third-largest Bitcoin holder (thetimes.com)

Cryptocurrency, North Korea, Finance, Security

7 points by PaulHoule 6 hours ago | 0 comments

Zero Day in Microchip SAM Microcontrollers (recessim.com)
This write-up will cover analysis of the Microchip (ATMEL) SAM4C32 microcontroller vulnerability that allows an attacker to gain unlocked JTAG access to a previously locked device.

Security, Microcontrollers, Vulnerabilities, Hardware

59 points by BitBangingBytes 7 hours ago | 18 comments

Show HN: Arrakis – Open-source, self-hostable sandboxing service for AI Agents (github.com/abshkbh)
AI agents can generate malicious or buggy code that can attack the host system its run on.

AI, Security, Open Source, Software, Agents

23 points by abshkbh 8 hours ago | 2 comments

Matrix.org Will Migrate to MAS (matrix.org)
On Monday 7th of April 2025 at 7am UTC, we will migrate the Matrix.org homeserver's authentication system over to MAS (Matrix Authentication Service) in order to benefit from Next-generation authentication.

Security, Messaging, Open Source, Matrix

138 points by LorenDB 9 hours ago | 86 comments

When parameterization fails: SQL injection in Nim using parameterized queries (nns.ee)
I discovered a potential SQL injection vulnerability in Nim's standard library module db_postgres.

Security, Databases, Programming Languages, SQL Injection

13 points by xx_ns 9 hours ago | 3 comments

Porting Tailscale to Plan 9 (tailscale.com)
It’s been said that nothing helps land a joke like explaining it, so here we are to explain yesterday’s Tailscale Plan 9 announcement, even at the risk of killing the joke.

Operating Systems, Networking, Security

325 points by adriangrigore 10 hours ago | 81 comments

Abusive AI Web Crawlers: Get Off My Lawn (mythic-beasts.com)
As many other folks have reported in the last few weeks, we have also been seeing a huge increase in the amount of traffic from abusive web crawlers.

Web Scraping, Artificial Intelligence, Abuse, Security

22 points by bluehatbrit 12 hours ago | 20 comments

Cell Phone OPSEC for Border Crossings (schneier.com)
I have heard stories of more aggressive interrogation of electronic devices at US border crossings. I know a lot about securing computers, but very little about securing phones.

Security, Border Security, Privacy, Technology

13 points by sipofwater 14 hours ago | 3 comments

Call for testing: OpenSSH 10.0 (DSA support removed) (mindrot.org)
Hi all. OpenSSH 10.0p1 is almost ready for release, so we would appreciate testing on as many platforms and systems as possible. This is primarily a bugfix release, although one notable change is the introduction of the sshd-auth binary (see below).

Software, Security, Open Source, Networking

10 points by cnst 22 hours ago | 3 comments

Tailscale Enterprise Plan 9 Support (tailscale.com)
MURRAY HILL, NJ — Tailscale, the leading provider of effortless, private networking for modern distributed computing, today announced support for Plan 9™ from Bell Labs™, the operating system redefining how networks, resources, and computation are managed.

Networking, Operating Systems, Software, Security

43 points by donatj 1 day ago | 3 comments

SSLyze – SSL configuration scanning library and CLI tool (github.com/nabla-c0d3)
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.

Security, Python, Tools, Network Security

46 points by Brysonbw 1 day ago | 5 comments

2.8B Twitter IDs Leaked (forbes.com)
Elon Musk’s social media platform, X, is no stranger to the news. What with the reported purchase of X by xAI for $33 billion, attackers claiming responsibility for platform outages, and X password scams targeting users. Now, another shock awaits the users of what used to be Twitter: a self-proclaimed data enthusiast has just given away what is claimed to be a database containing details of some 200 million X user records. Here’s what we know so far.

Data Breaches, Social Media, Security, Privacy, Elon Musk

9 points by EVa5I7bHFq9mnYK 1 day ago | 6 comments

DEDA – Tracking Dots Extraction, Decoding and Anonymisation Toolkit (github.com/dfd-tud)
Document Colour Tracking Dots, or yellow dots, are small systematic dots which encode information about the printer and/or the printout itself. This process is integrated in almost every commercial colour laser printer. This means that almost every printout contains coded information about the source device, such as the serial number.

Privacy, Security, Software, Data Analysis

280 points by pavel_lishin 1 day ago | 95 comments

Apple's App Store used to host free VPN apps with ties to China military (appleinsider.com)
The App Store hosted a number of VPN apps with ties to a Chinese military-affiliated company sanctioned by the US, with millions of downloads between them all.

Security, Apple, China, VPN, App Store

8 points by vinni2 1 day ago | 0 comments

Apple Patches Older iPhones Against 'Sophisticated' Hacker Attacks (bitdefender.com)
Apple is offering a batch of updates across its product lineup this week to address dozens of important security flaws, including some that criminals are already exploiting.

Security, Apple, iPhones, Hacking, Software Updates

7 points by walterbell 1 day ago | 0 comments

Breach of X allegedly leaks over 200M users' email addresses (mashable.com)
An alleged X data breach has leaked the email addresses of more than 200 million users.

Data Breaches, Security, Social Media, Privacy

16 points by tantalor 1 day ago | 0 comments

New in Gmail: Making E2E encrypted emails easy to use for all organizations (workspace.google.com)
At Google, we believe that secure, confidential communication should be available for organizations of all sizes. However, end-to-end encrypted (E2EE) email was historically a privilege reserved for organizations with significant IT resources, due to the complexity of S/MIME and proprietary solutions.

Email, Security, Privacy, Google, Business

75 points by skim 1 day ago | 17 comments

Fix U.S. National Security (github.com/signalapp)
This pull request introduces a COMSEC (communications security) advisory banner to chat threads, reminding specific pool of users that Signal—despite its robust encryption—is not an appropriate venue for discussing classified information, coordinating military operations, or engaging in off-the-books foreign policy.

National Security, Encryption, Messaging, Security

29 points by Y-bar 1 day ago | 2 comments

Tailscale Enterprise Plan 9 Support (tailscale.com)
MURRAY HILL, NJ — Tailscale, the leading provider of effortless, private networking for modern distributed computing, today announced support for Plan 9™ from Bell Labs™, the operating system redefining how networks, resources, and computation are managed.

Networking, Operating Systems, Security, Software, New Releases

10 points by mef 1 day ago | 3 comments

Tips for Travelers Entering the U.S. Now: Check Your Visa, Turn Off Your Phone (nytimes.com)
At airports and land borders across the country, tourists and other visitors coming to the United States have reported being caught up in the Trump administration’s campaign of “enhanced vetting.”

Travel, Immigration, US Government, Security

14 points by zzzeek 2 days ago | 5 comments

DIY automation using only Linux (medium.com)
You may sometimes feel overwhelmed in a world where CircleCI, TeamCity, JFrog, Jenkins, and many other solutions manage continuous integration and auto-deployment. When you work with security products, you also have some confidentiality concerns. Having a good tutorial to create straightforward automation is quite handy.

Linux, Automation, Continuous Integration, Security

4 points by vfather 2 days ago | 0 comments

CVE-2025-24259: Leaking Bookmarks on macOS (wts.dev)
Happy Monday! You should probably update your Macs now. macOS Ventura 13.7.5, macOS Sonoma 14.7.5, and macOS Sequoia 15.4, are out. They include a lot of patches, with 15.4 including patches for 131 CVE's. If you're curious and want to validate that, just open the security release notes for that update and search for the string CVE-202. You'll find 131 matches on that page as of writing.

Security, macOS, Updates

17 points by nmgycombinator 2 days ago | 4 comments

JEP draft: Prepare to make final mean final (openjdk.org)
Issue warnings about uses of deep reflection to mutate final fields. The warnings aim to prepare developers for a future release that ensures integrity by default by restricting final field mutation; this makes Java programs safer and potentially faster. Application developers can avoid both current warnings and future restrictions by selectively enabling the ability to mutate final fields where essential.

Java, Programming Languages, Security, Software Development, Open Source

204 points by mfiguiere 2 days ago | 130 comments

Microsoft reports several bootloader vulnerabilities (microsoft.com)
By leveraging Microsoft Security Copilot to expedite the vulnerability discovery process, Microsoft Threat Intelligence uncovered several vulnerabilities in multiple open-source bootloaders, impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot as well as IoT devices.

Security, Vulnerabilities, Open Source, UEFI

19 points by hacknslack 2 days ago | 3 comments

Hetzner root servers get traffic for other machines (kiwi.fuo.fi)

Networking, Security, Servers

10 points by _vere 2 days ago | 5 comments

Is BIND9 suitable as a recursive resolver in 2025? (szafka.net)
Recently, we have been engaged in consulting work and providing DNS training for a major IT corporation, boasting an employee count exceeding 10,000. Thankfully, not every staff member attended the course.

DNS, Networking, Security, Technology

22 points by plagiat0r 2 days ago | 7 comments