rust-u2f
hn-search
rust-u2f | hn-search | |
---|---|---|
8 | 1,620 | |
285 | 524 | |
- | 1.5% | |
5.4 | 2.9 | |
3 months ago | 6 months ago | |
Rust | TypeScript | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
rust-u2f
-
Software U2F with Fingerprint (On Linux)
This project aims to support U2F / FIDO2 using fingerprint reader on Linux (via libfprint). The goal is to have the same user experience with 2FA using Windows Hello.
This project is based on https://github.com/danstiner/rust-u2f with minor modification (see my fork: https://github.com/ngxson/rust-u2f-pkexec)
Link to the project: https://github.com/ngxson/softu2f-fprintd-docker
- The mechanics of a sophisticated phishing scam and how we stopped it
-
Apple, Google, and Microsoft commit to expanded support for FIDO standard
I've considered adding FIDO2 support to the software-only U2F token I wrote ( https://github.com/danstiner/rust-u2f). It's a fair bit of work though, and I am not sure how comfortable I am with passwordless login unless the keys are kept purely in hardware such as a TPM.
That said, my reading of this post is that FIDO2 support will get built into Chromium directly, which is itself open source. Or if you do want a hardware key but running open software, I'd definitely recommend https://solokeys.com/, I've been following them for a long time.
Also there was some related discussion on this same article last week: https://news.ycombinator.com/item?id=31274677
- Apple/Google/Microsoft to accelerate rollout of passwordless sign‑in standard
- Howdy – Windows Hello style facial authentication for Linux
-
Google is going to ban “less secure sign in method”
On a Workspace account you only need U2F token emulator (https://github.com/danstiner/rust-u2f woks fine) and thenn you can setup u2f first and add normal TOTP in second step. But u2f must stay there. I don't have a personal account to try if it works the same.
-
Ask HN: Is Google phasing out Authenticator/TOTP?
As it becomes easier to emulate hardware tokens[1], Google may start limiting which ones it accepts. I believe they can use attestation keys to do that.
This is just a softer layer of security to slow down less sophisticated mass signup attempts.
They may very well eventually phase out TOTP, under the justification that it is not as secure, but I would be shocked if they ever retire the highly insecure SMS verification.
TOTP is really easy to implement, and adds a ton of value. I have a oneliner that takes a screenshot, extracts the QR code with zbarimg, and adds it to my pass[2] password database, which then hooks back into my browser. I use it whenever it is available because it is so low effort.
[1]: https://github.com/danstiner/rust-u2f
-
Does 2FA actually prevent phishing?
GitHub has a couple of others listed, but I have not tested them personally: Example https://github.com/danstiner/rust-u2f
hn-search
-
Russian GRU was behind the attack in Vrbětice, NCOZ confirms
If it's not [flagged], there's no flagging and hence also no flagging ring. baybal2 has been banned on and off for years now https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu...
-
Gary Killdall, creator of CP/M, wrote Pixar's original 3D renderer [pdf]
The submitted title was "Gary Killdall, creator of CP/M, wrote Pixar's original 3D renderer".
Submitters: If you want to say what you think is important about an article, that's fine, but do it by adding a comment to the thread. Then your view will be on a level playing field with everyone else's: https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so...
(From https://news.ycombinator.com/newsguidelines.html: "Please use the original title, unless it is misleading or linkbait; don't editorialize.")
-
Nearsightedness is at epidemic levels – and the problem begins in childhood
Vision therapy for myopia helps some people, but not everyone, likely due to genetic and neuroplasticity differences, https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu.... Nevertheless, many of the principles are useful for children whose eyes and brains are still developing.
-
Tesla driver arrested for homicide after running over motorcyclist on Autopilot
I'm a huge Tesla skeptic, but Tesla and Musk are lightning rods for tabloid-style garbage that doesn't belong on HN, so it doesn't surprise me that we often see negative Tesla content flagged to death. Meanwhile we also see plenty of content that hits the front page and stays there [0].
Do you have examples of professional, interesting Tesla content that got flagged?
[0] More than half of the past year's most popular Tesla articles were negative: https://hn.algolia.com/?dateRange=pastYear&page=0&prefix=tru...
-
The Man Who Killed Google Search
It's April 23rd, 2024, and I am still looking for a good, reliable, honest and simple search engine.
All I want to do is search.
No AI.
No ads.
No shopping.
Please don't "Answer my question." I enjoy doing my own original research, thanks.
I'm entirely willing - wanting even - to pay for it.
Currently Kagi has my $, but I'm saddened and frustrated that they're not even focused on Search, they're focused on AI[1] and t-shirts.
Amazingly, in 2024, there is still a market opportunity for a good search engine.
It can't really just be me, can it?
[1]: https://hn.algolia.com/?query=%22kagi%22+%22ai%22
-
Ask HN: Is Hacker News under attack from spam bots?
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
For historical purposes
-
Tesla Recalls All Cybertrucks for Faulty Accelerator Pedals
Most likely because there have been oodles of low-quality stories on these topics. We turned the flags off on this one since it maybe rises above the noise (see https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so... for past explanations on how we approach that).
-
Show HN: What Are You Working On?
Hey HN,
I'm sure you've seen the monthly "Ask HN: What Are You Working On?" headlines on [Hacker News](https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...).
Honestly, it's my favorite topic because it's packed with insights about what other hackers are up to.
I wondered what it would be like if instead of just a headline, there was a whole website where hackers could post daily updates, and where we could follow the hackers we're interested in for their latest updates. And so, this web site was born.
I hope it gets used frequently so we can all benefit from it together. I look forward to hearing your thoughts.
Let me know what you think!
-
Not Apply to YC
I don't know what one thing you're referring to, but it's a core principle of HN to try to avoid repetition, and especially the repetition+indignation combo, which is the commonest and most tedious thing on the internet.
https://hn.algolia.com/?dateRange=all&page=0&prefix=false&so...
-
Nand to Tetris: Building a Modern Computer System from First Principles
Happy 10,000 day to you
https://news.ycombinator.com/from?site=nand2tetris.org
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...
What are some alternatives?
OpenSK - OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
duckduckgo-locales - Translation files for <a href="https://duckduckgo.com"> </a>
secretive - Store SSH keys in the Secure Enclave
v - Simple, fast, safe, compiled language for developing maintainable software. Compiles itself in <1s with zero library dependencies. Supports automatic C => V translation. https://vlang.io
Coze - Coze is a cryptographic JSON messaging specification.
parser - 📜 Extract meaningful content from the chaos of a web page
wasmer - 🚀 The leading Wasm Runtime supporting WASIX, WASI and Emscripten
readability - A standalone version of the readability lib
solo1 - Solo 1 firmware in C
yq - Command-line YAML, XML, TOML processor - jq wrapper for YAML/XML/TOML documents
CozeJS - Coze Javascript - cryptographic JSON messaging specification
milkdown - 🍼 Plugin driven WYSIWYG markdown editor framework.