The best Hacker News stories from All from the past week

from

All Show

from the past*

day week month

with these search terms:

Create follow Go back

Latest posts:

Twitter suspends pg's account [fixed]

Twitter suspends pg's account [fixed]

John Carmack Leaves Meta

Twitter applies 7-day suspension to half a dozen journalists

Twitter has re-suspended ElonJet account

Riffusion – Stable Diffusion fine-tuned to generate music

ElonJet Is Now Suspended

SBF Arrested by Bahamian Authorities

US Department of Energy: Fusion Ignition Achieved

Fusion energy breakthrough by Livermore Lab

Ask HN: Should HN ban ChatGPT/generated responses?

It's already happening [0].<p>Stackoverflow recently banned generated responses [1].<p>We're facing a new karma-generating strategy and, IMO, a policy is urgently needed.<p>[0]: <a href="https://news.ycombinator.com/threads?id=clay-dreidels" rel="nofollow">https://news.ycombinator.com/threads?id=clay-dreidels</a><p>[1]: <a href="https://stackoverflow.com/help/gpt-policy" rel="nofollow">https://stackoverflow.com/help/gpt-policy</a>

Be wary of imitating high-status people who can afford to countersignal

Not-so-great features coming soon to Windows 11

Ask HN: Developer abused “sign in with GitHub”?

The offending website "nopecha.com", which unfortunately i found about a week ago on HN itself appeared to be another captcha service but one that was offering "1 Sec" solve speed for text captchas. i was interested and by the looks of it, a lot of people. their webisite only had "sign in with google" so i didnt bother. The day before i check the website out of boredom and saw "sign in with github". i logged in, clicked through a bunch of pages because its the same drill everytime. i found out that i had "automatically starred their repos". by the looks of it, around 500 "stars", the last i saw.<p>suddenly i am unable to log in to my github and the page just says "account suspended."<p>contacted their support and the last response i got from them was "your ban should stay as you engaged in improper behavior of stars farming" or some other BS.<p>Here is my problem. I am not a part of nopecha. I just used their website once using "sign in with github" button. That is the extent of my involvement.<p>How can github allow the developer to use "sign in with" button to create a situation that they could LATER consider abusive but then go ahead and ban all the victims also?<p>i did not voluntarily want to join their abusive practice, i just wanted a log into the website. (There was no explicit mention of the stars farming practice on the website) Why is github allowing the developer to abuse their Oath in the first place?<p>If this is going to be a norm going forward, i do not see any hope of "sign in with" buttons for any service because then you could be banned from one service and suddenly everything connected to your account is also banned.<p>I honestly expect the "sign in with x" button to provide a frictionless access to a website, thats it. how could the developer abuse that process and the website, instead of acting on the developer alone, are causing trouble to unsuspecting victims?<p>edit: to add a bit more context, here is the first reply i got from github on my support request<p>"Your account has restrictions imposed because it appears to have been used for the purpose of artificially inflating the popularity of GitHub accounts or repositories.<p>This activity isn't in keeping with our Terms of Service.<p>We'll need to leave the restrictions in place."<p>I knowingly or unknowingly accepted to allow the app to access my stars action or whatever. i did not engage in this practice myself, their automated system did. i even had "forkhub" android app and i did see "stars" and i remember unstarring 4/5 of their repos myself so its not like i did not try to undo their actions.<p>the problem here is. 1. if github is allowing developers to include their permissions alongwith the SSO workflow 2. github is allowing apps write action to stars from the users accounts which can be legitimate or not. 3. user is not responsible for automated actions taken without their consent or even if consent was there, user is not aware of the "actual scope" meaning app could say "you allow us stars access" but not "you allow us stars access with the knowledge that such permission can be a banable offense, you are warned" 4. unless the user is a sockpuppet account created for the sole purpose (by checking age/activity of user), is it reasonable to throw the banhammer so quickly on everyone involved? 5. why did github not ban the original dev, stop the users from starring for a "cooling period" or "undid their stars" ? why was a ban necessary?

Apple kills plans to scan for CSAM in iCloud

I liberate the ending to Minecraft from Microsoft and give it to you

Apple GPU drivers now in Asahi Linux

Tell HN: IPv6-only still pretty much unusable

Our Hosting provider, Hetzner, has recently started charging for public IPv4 addresses - as they should! Those numbers started getting expensive. This prompted me to try and set up a new server cluster using IPv6 exclusively, and see how far I could get before having to give in and purchase an additional v4 address.<p>The experiment ended much sooner than I had anticipated. Some of the road blocks I hit along the way:<p><pre><code> - The GitHub API and its code load endpoints are not reachable via IPv6, making it impossible to download release artefacts from many projects, lots of which distribute their software via GitHub exclusively (Prometheus for instance). - The default Ubuntu key servers aren't reachable via IPv6, making it difficult to install packages from third-party registries, such as Docker or Grafana. While debugging, I noticed huge swaths of the GPG infrastructure are defunct: There aren't many key servers left at all, and the only one I found actually working via IPv6 was pgpkeys.eu. - BitBucket cannot deploy to IPv6 hosts, as pipelines don't support IPv6 at all. You can self-host a pipeline runner and connect to it via v6, BUT it needs to have a dual stack - otherwise the runner won't start. - Hetzner itself doesn't even provide their own API via IPv6 (which we talk to for in-cluster service discovery. Oh, the irony. </code></pre> It seems IPv6 is still not viable, more than a decade after launch. Do you use it in production? If so, how? What issues did you hit?

Apple introduces end-to-end encryption for backups

Mac OS 9