Sunday, 31 August 2025
New top story on Hacker News: Show HN: Anonymous Age Verification
Show HN: Anonymous Age Verification
7 by jwally | 4 comments on Hacker News.
So I'm not an expert in this area, but here's an attempt at cost effective, anonymous, age verification flow that probably covers ~70% of use cases in the United States. The basic premise is to leverage your bank (who already has had to perform KYC on you to open an account) to attest to your age for age-restricted merchant sites (pornhub, gambling, etc) without sharing any more information than necessary. Flow works like this: 1) You go to gambling.com 2) They request you to verify your age 3) You choose "Bank Verification" 4) You trigger a WebAuthn Credential Creation flow 5) gambling.com gives you a string to copy ------------- 6) You log into your bank 7) You go to bank.com/age-verify 8) You paste in the string you were given 9) The bank verifies it/you and creates a signed payload with your age-claims (over_18: true, over_21: false) 10) You copy this and go back to gambling.com --------------- 11) You paste the string back into gambling.com 12) You perform WebAuthn Auth flow 13) gambling.com verifies everything (signatures, webauthn, etc) 14) gambling.com sets a session-cookie and _STRONGLY_ encourages you to create an account (with a pass key). This will prevent you from having to verify your age every time you visit gambling.com The mechanics might feel off, but it feels like this in the neighborhood of a way to perform anonymous age verification. This is virtually free, and requires extremely light infra. Banks can be incentivized with small payments, or offer it because everyone else does and don't want to get left behind.
7 by jwally | 4 comments on Hacker News.
So I'm not an expert in this area, but here's an attempt at cost effective, anonymous, age verification flow that probably covers ~70% of use cases in the United States. The basic premise is to leverage your bank (who already has had to perform KYC on you to open an account) to attest to your age for age-restricted merchant sites (pornhub, gambling, etc) without sharing any more information than necessary. Flow works like this: 1) You go to gambling.com 2) They request you to verify your age 3) You choose "Bank Verification" 4) You trigger a WebAuthn Credential Creation flow 5) gambling.com gives you a string to copy ------------- 6) You log into your bank 7) You go to bank.com/age-verify 8) You paste in the string you were given 9) The bank verifies it/you and creates a signed payload with your age-claims (over_18: true, over_21: false) 10) You copy this and go back to gambling.com --------------- 11) You paste the string back into gambling.com 12) You perform WebAuthn Auth flow 13) gambling.com verifies everything (signatures, webauthn, etc) 14) gambling.com sets a session-cookie and _STRONGLY_ encourages you to create an account (with a pass key). This will prevent you from having to verify your age every time you visit gambling.com The mechanics might feel off, but it feels like this in the neighborhood of a way to perform anonymous age verification. This is virtually free, and requires extremely light infra. Banks can be incentivized with small payments, or offer it because everyone else does and don't want to get left behind.
Saturday, 30 August 2025
New top story on Hacker News: GAO warns of privacy risks in using facial recognition in rental housing
GAO warns of privacy risks in using facial recognition in rental housing
19 by Improvement | 0 comments on Hacker News.
19 by Improvement | 0 comments on Hacker News.
Friday, 29 August 2025
Thursday, 28 August 2025
Wednesday, 27 August 2025
Tuesday, 26 August 2025
Monday, 25 August 2025
Sunday, 24 August 2025
Saturday, 23 August 2025
Friday, 22 August 2025
Thursday, 21 August 2025
Wednesday, 20 August 2025
Tuesday, 19 August 2025
Monday, 18 August 2025
Sunday, 17 August 2025
New top story on Hacker News: Show HN: NextDNS Adds "Bypass Age Verification"
Show HN: NextDNS Adds "Bypass Age Verification"
28 by nextdns | 3 comments on Hacker News.
We just shipped a new feature in NextDNS: Bypass Age Verification. More and more sites (especially adult ones) are now forcing users to upload IDs or selfies to continue. We think that’s a terrible idea: handing over government documents to random sites is a huge privacy risk. This new setting workarounds those verification flows via DNS tricks. It’s available today to all users, including free accounts. We’re curious how the HN community feels about this. Is it the right way to protect privacy online, or will it just provoke regulators to push harder? https://nextdns.io
28 by nextdns | 3 comments on Hacker News.
We just shipped a new feature in NextDNS: Bypass Age Verification. More and more sites (especially adult ones) are now forcing users to upload IDs or selfies to continue. We think that’s a terrible idea: handing over government documents to random sites is a huge privacy risk. This new setting workarounds those verification flows via DNS tricks. It’s available today to all users, including free accounts. We’re curious how the HN community feels about this. Is it the right way to protect privacy online, or will it just provoke regulators to push harder? https://nextdns.io
Saturday, 16 August 2025
Friday, 15 August 2025
Thursday, 14 August 2025
Wednesday, 13 August 2025
Tuesday, 12 August 2025
Monday, 11 August 2025
Sunday, 10 August 2025
Saturday, 9 August 2025
Friday, 8 August 2025
Thursday, 7 August 2025
New top story on Hacker News: Encryption made for police and military radios may be easily cracked
Encryption made for police and military radios may be easily cracked
25 by mikece | 10 comments on Hacker News.
https://ift.tt/omgsfl9
25 by mikece | 10 comments on Hacker News.
https://ift.tt/omgsfl9
Wednesday, 6 August 2025
New top story on Hacker News: Google says AI in Search is driving more queries and higher quality clicks
Google says AI in Search is driving more queries and higher quality clicks
18 by thm | 22 comments on Hacker News.
18 by thm | 22 comments on Hacker News.
Tuesday, 5 August 2025
Monday, 4 August 2025
Sunday, 3 August 2025
Saturday, 2 August 2025
New top story on Hacker News: Introduction to Unikernel: Building, deploying lightweight, secure applications
Introduction to Unikernel: Building, deploying lightweight, secure applications
5 by eyberg | 7 comments on Hacker News.
5 by eyberg | 7 comments on Hacker News.
Friday, 1 August 2025
New top story on Hacker News: Tesla must pay $329M in damages in fatal Autopilot case, jury says
Tesla must pay $329M in damages in fatal Autopilot case, jury says
44 by koolba | 10 comments on Hacker News.
44 by koolba | 10 comments on Hacker News.
New top story on Hacker News: Show HN: TraceRoot – Open-source agentic debugging for distributed services
Show HN: TraceRoot – Open-source agentic debugging for distributed services
10 by xinweihe | 0 comments on Hacker News.
Hey Xinwei and Zecheng here, we are the authors of TraceRoot ( https://ift.tt/rvYwXth ). TraceRoot ( https://traceroot.ai ) is an open-source debugging platform that helps engineers fix production issues faster by combining structured traces, logs, source code contexts and discussions in Github PRs, issues and Slack channels, etc. with AI Agents. At the heart are our lightweight Python ( https://ift.tt/ZD5eOp6 ) and TypeScript ( https://ift.tt/1bOFG6t ) SDKs - they can hook into your app using OpenTelemetry and captures logs and traces. These are either sent to a local Jaeger ( https://ift.tt/FHaAK8C ) + SQLite backend or to our cloud backend, where we correlate them into a single view. From there, our custom agent takes over. The agent builds a heterogeneous execution tree that merges spans, logs, and GitHub context into one internal structure. This allows it to model the control and data flow of a request across services. It then uses LLMs to reason over this tree - pruning irrelevant branches, surfacing anomalous spans, and identifying likely root causes. You can ask questions like “what caused this timeout?” or “summarize the errors in these 3 spans”, and it can trace the failure back to a specific commit, summarize the chain of events, or even propose a fix via a draft PR. We also built a debugging UI that ties everything together - you explore traces visually, pick spans of interest, and get AI-assisted insights with full context: logs, timings, metadata, and surrounding code. Unlike most tools, TraceRoot stores long-term debugging history and builds structured context for each company - something we haven’t seen many others do in this space. What’s live today: - Python and TypeScript SDKs for structured logs and traces. - AI summaries, GitHub issue generation, and PR creation. - Debugging UI that ties everything together TraceRoot is MIT licensed and easy to self-host (via Docker). We support both local mode (Jaeger + SQLite) and cloud mode. Inspired by OSS projects like PostHog and Supabase - core is free, enterprise features like agent mode multi-tenant and slack integration are paid. If you find it interesting, you can see a demo video here: https://www.youtube.com/watch?v=nb-D3LM0sJM We’d love you to try TraceRoot ( https://traceroot.ai ) and share any feedback. If you're interested, our code is available here: https://ift.tt/rvYwXth . If we don’t have something, let us know and we’d be happy to build it for you. We look forward to your comments!
10 by xinweihe | 0 comments on Hacker News.
Hey Xinwei and Zecheng here, we are the authors of TraceRoot ( https://ift.tt/rvYwXth ). TraceRoot ( https://traceroot.ai ) is an open-source debugging platform that helps engineers fix production issues faster by combining structured traces, logs, source code contexts and discussions in Github PRs, issues and Slack channels, etc. with AI Agents. At the heart are our lightweight Python ( https://ift.tt/ZD5eOp6 ) and TypeScript ( https://ift.tt/1bOFG6t ) SDKs - they can hook into your app using OpenTelemetry and captures logs and traces. These are either sent to a local Jaeger ( https://ift.tt/FHaAK8C ) + SQLite backend or to our cloud backend, where we correlate them into a single view. From there, our custom agent takes over. The agent builds a heterogeneous execution tree that merges spans, logs, and GitHub context into one internal structure. This allows it to model the control and data flow of a request across services. It then uses LLMs to reason over this tree - pruning irrelevant branches, surfacing anomalous spans, and identifying likely root causes. You can ask questions like “what caused this timeout?” or “summarize the errors in these 3 spans”, and it can trace the failure back to a specific commit, summarize the chain of events, or even propose a fix via a draft PR. We also built a debugging UI that ties everything together - you explore traces visually, pick spans of interest, and get AI-assisted insights with full context: logs, timings, metadata, and surrounding code. Unlike most tools, TraceRoot stores long-term debugging history and builds structured context for each company - something we haven’t seen many others do in this space. What’s live today: - Python and TypeScript SDKs for structured logs and traces. - AI summaries, GitHub issue generation, and PR creation. - Debugging UI that ties everything together TraceRoot is MIT licensed and easy to self-host (via Docker). We support both local mode (Jaeger + SQLite) and cloud mode. Inspired by OSS projects like PostHog and Supabase - core is free, enterprise features like agent mode multi-tenant and slack integration are paid. If you find it interesting, you can see a demo video here: https://www.youtube.com/watch?v=nb-D3LM0sJM We’d love you to try TraceRoot ( https://traceroot.ai ) and share any feedback. If you're interested, our code is available here: https://ift.tt/rvYwXth . If we don’t have something, let us know and we’d be happy to build it for you. We look forward to your comments!