الجمعة، 28 أغسطس 2020
Show HN: Healthcare Is Dumb https://ift.tt/32Go1CO
Show HN: Healthcare Is Dumb https://ift.tt/3j4acVe August 28, 2020 at 09:54PM
Show HN: I Made a Templating Language https://ift.tt/2YLxes2
Show HN: I Made a Templating Language https://ift.tt/3jrrsUi August 28, 2020 at 08:44PM
Show HN: Outdoor standing desk that goes on a tree https://ift.tt/2Ezzpbq
Show HN: Outdoor standing desk that goes on a tree https://ift.tt/2XhBJtI August 28, 2020 at 08:40PM
Show HN: Read The Count of Monte Cristo and others in installments in your email https://ift.tt/3hEFnG6
Show HN: Read The Count of Monte Cristo and others in installments in your email https://ift.tt/3jmmEje August 28, 2020 at 07:43PM
Show HN: Tool for Automating SQL Transforms https://ift.tt/2ELa51K
Show HN: Tool for Automating SQL Transforms Hey everyone this is Michael and Daniel from the structure.rest team. We built structure as an alternative to the command line based tools that currently exist for building DAGs for your data warehouse. With command line based tools, you have to edit and explore in a sql editor, paste that into a code editor, use the command line tool and use a web browser to view your data catalog. And then you have to go back and forth constantly between all these tools and do this over and over again for the hundreds of models in your DAG. Instead, we’ve built an open source editor + command line utility that integrates all of this into a single integrated experience. We feel that better tools lead to better data analysis which helps organizations make better data driven decisions Here’s a video that shows how intuitive the structure editor is: https://www.youtube.com/watch?v=hskhBTyg258 Come check us out at www.structure.rest and join our slack (https://ift.tt/3gEV3YT) . Both the editor and command line utility are open source and the editor downloads as an app for Windows, Linux, and Mac. Our command line tool makes it easy to run your DAG as part of CI/CD. We currently support snowflake (https://ift.tt/2PCAVdD), but we are looking forward to supporting other platforms. Let us know if there is a platform you would like us to support next. August 28, 2020 at 07:37PM
Launch HN: SuperTokens (YC S20) – Securely manage session tokens https://ift.tt/2YIHUb2
Launch HN: SuperTokens (YC S20) – Securely manage session tokens Hi everyone! My name is Advait and I co-founded SuperTokens along with @rishabhpoddar ( https://supertokens.io/ ). SuperTokens helps companies securely manage their session tokens, saving developer time and preventing identity theft. We started SuperTokens 1.5 years ago when we were building a consumer app and wanted our users to be logged in for a long time in a secure way. When it came to managing user sessions, there was a lot of ambiguity. We read many forums (Reddit, Stackoverflow) and blogs, and found that developers were arguing about best practices, such as using local storage vs cookies, implementing JWTs, etc. We had to do a lot of the first principles thinking ourselves to understand the tradeoffs. Around the same time, Facebook, Docker, Gitlab, Youtube, Uber were in the news for session vulnerabilities. Stealing a user’s session allows you to access their account as if you had their username and password. Hence being able to mitigate against this is important. We’ve audited companies and found large session vulnerabilities that they were not aware of. For a YC company, we were able to pull information on users that we shouldn’t have had access to. Through our research, we built something internally and decided to write a blog post [1] explaining how our system works. While SuperTokens is not currently open source, you can see the original codebase on Github [2]. Building a good solution for sessions requires a lot of specialised knowledge and time that could otherwise be spent on building your core business logic. Detecting session theft reliably is difficult. There are multiple race conditions, edge cases and network issues that need to be thought about. In fact, one of our libraries that solves a difficult race condition has 100K downloads / week and is even used by Auth0 [3] SuperToken mitigates against all session attacks (XSS, CSRF, etc) by implementing best practices. For a full list of types of attacks with real life examples please see [4]. However, it is not possible to mitigate against all attacks (for eg: social engineering) and hence, SuperTokens is also able to detect session theft. We use rotating refresh tokens as per the official OAuth specifications in RFC 6819 [5]. Auth0 has also started offering this, but due to their setup, they cannot use httpOnly cookies to store these tokens and this goes against popular compliance recommendations. Besides security, SuperTokens also offers improved API performance and developer convenience. For clustered and distributed environments, session verification for each API takes < 1 millisecond. You can get a user’s ID and access role without any database lookup. SuperTokens can be implemented in 15 minutes, provides a simple API and has clear documentation. We abstract away complexities of token management by providing frontend and backend SDKs. In the coming months we plan to offer Access Control, Internal Auth between services and for internal tools (i.e. recent Twitter hack was through unauthorized access to an internal tool), and more! We're still experimenting with pricing, so you won't find this on our website, but we'd love to hear your thoughts about it. Thank you for reading! We’d love to hear what this community specifically has to say and if you have any experience dealing with this. We’d appreciate any feedback! ---------- Footnotes: [1] - Blog post: https://medium.com/hackernoon/all-you-need-to-know-about-use... [2] - Github: https://github.com/supertokens/supertokens-core [3] - Library used by Auth0: https://www.npmjs.com/package/browser-tabs-lock [4] - List of attacks: https://supertokens.io/pdf/attackshomepagev1 [5] - OAuth RFC 6819: https://tools.ietf.org/html/rfc6819#section-5.2.2.3 August 28, 2020 at 06:08PM
Show HN: 3D first person game rendered in CSS/HTML https://ift.tt/2EyOmdO
Show HN: 3D first person game rendered in CSS/HTML https://ift.tt/3b4iM3q August 28, 2020 at 05:14PM
Show HN: Speechtext.ai – Automated Transcription Service with Human Accuracy https://ift.tt/3joEUsk
Show HN: Speechtext.ai – Automated Transcription Service with Human Accuracy https://speechtext.ai/ August 28, 2020 at 01:57PM
Show HN: PayPal emailed me today about 2001 request https://ift.tt/2QzwxO0
Show HN: PayPal emailed me today about 2001 request So I sold something on eBay 19 years and PayPal is let me know today the person is not going to pay via PayPal. They must have sent a check... Anyone out there getting older updates that this from ancient systems? 90's 80's? Auction Money Request Cancelled Hello Gemhunt.com , Peek-A-Boo 4-U cancelled the following auction money request: Seller: Gemhunt.com (sales@gemhunt.com) ---------------------------------------------------------------------- Money Request Details ---------------------------------------------------------------------- Seller's User ID: Amount:$1.99 USD Shipping & Handling:$2.90 USD Insurance: Total Amount:12.85 USD --------- Item Information --------- Item #:1613176702 Item Headline:400 Rough Diamonds * No Reserve!!! Item Quantity: 0 Item Unit Value: $1.99 USD Item Number:1613176702 Auction User ID: Item URL:https://ift.tt/2ED5Cyd End Date:Jul 11, 2001 Item Title:400 Rough Diamonds No Reserve!!! Here is a message from Peek-A-Boo 4-U: Thanks for bidding, My eBay ID is Gemhunt. com, My address for checks or money orders is: Mosaical Memories Inc, 2319 Fairview Ave, Fox River Grove, IL 60021, I ship the day after I receive payment, Thanks again, Paul Krush To view updated details of this auction money request, click on the following link or copy and paste the link into your web browser: https://ift.tt/34H6HjF Sincerely, PayPal PROTECT YOUR PASSWORD NEVER give your password to anyone, including PayPal employees. Protect yourself against fraudulent websites by opening a new web browser (e.g. Internet Explorer or Firefox) and typing in the PayPal URL every time you log in to your account. Copyright © 1999-2020 PayPal, Inc. All rights reserved. PayPal is located at 2211 N. First St., San Jose, CA 95131. August 28, 2020 at 03:59PM
Show HN: My Indie Hacker goal - Earn $100 a day to keep your desk job away https://ift.tt/3lBXpeO
Show HN: My Indie Hacker goal - Earn $100 a day to keep your desk job away My goal when I first started as an Indie Hacker was to earn $100/day. Everything that I did was to achieve that goal. I reached that goal after 6 months and I increased my goal to $200/day. I reached that goal a year back, now my current goal is $300/day. This might look small sometimes and easy to achieve but it's not and when you get small wins, you move to a bigger goal all the while maintaining the momentum and enthusiasm. On the flips side, if I had set my goal to $10K/month, it would seem very big and I might have given up very early (Actually I wouldn't because I quit my job and hate 9 to 5 job). A lot of people might not see any gratification anytime soon with big goals. Its always good to set small realistic goals which will ultimately make you a successful maker in the long run. So far i have built https://acrypto.io/ topping $4000/month https://visalist.io/ topping $7000/month https://simpleops.io/ topping $8000/month August 28, 2020 at 03:39PM
Show HN: Visualize Data Structures in VS Code https://ift.tt/31ziiPD
Show HN: Visualize Data Structures in VS Code https://ift.tt/32k1zhV August 28, 2020 at 03:34PM
Show HN: Fred-CLI https://ift.tt/32A6xaR
Show HN: Fred-CLI https://ift.tt/2QA7zOJ August 28, 2020 at 02:18PM
Show HN: Image Encryption-Decryption (Python) https://ift.tt/3jlx2ru
Show HN: Image Encryption-Decryption (Python) https://ift.tt/3jlmM2h August 28, 2020 at 10:39AM
Show HN: Generate beautiful summary GitHub statistics images using Actions https://ift.tt/3b4MftU
Show HN: Generate beautiful summary GitHub statistics images using Actions https://ift.tt/3lq4A9A August 28, 2020 at 08:58AM
Show HN: Little Ball of Fur 2.0 – A graph sampling Python library https://ift.tt/32BtsT9
Show HN: Little Ball of Fur 2.0 – A graph sampling Python library https://ift.tt/32us3Ob August 26, 2020 at 02:11PM
Show HN: Build Your Own Flight Tracking with Python and Open Air Traffic Data https://ift.tt/32ydfy7
Show HN: Build Your Own Flight Tracking with Python and Open Air Traffic Data https://ift.tt/34Fm3VD August 28, 2020 at 12:47PM
Show HN: Building CleanCam for iOS 6 in 2020 https://ift.tt/32zuvD7
Show HN: Building CleanCam for iOS 6 in 2020 https://ift.tt/3hFpcIW August 28, 2020 at 11:19AM
الاشتراك في:
الرسائل (Atom)