HN Reader

Ask HN: Selling software to company I work for as an employee

45 points by apohak 3d ago 51 comments

Ask HN: Go deep into AI/LLMs or just use them as tools?

162 points by pella_may 23h ago 127 comments

Ask HN: Can you give tips on writing a README for project?

4 points by vseplet 15h ago 5 comments

Ask HN: What's your favorite architect/editor pair with Aider?

14 points by 34679 15h ago 1 comments

Ask HN: Conversational AI to Learn a Language

84 points by edweis 7d ago 61 comments

Ask HN: What HN posts inspired or changed your perspective the most?

42 points by hungle9 2d ago 20 comments

Ask HN: Senior SaaS developer wanting to pivot

4 points by heyheyhey 15h ago 8 comments

Ask HN: How do you promote your personal projects with a limited budget?

128 points by javafactory 3d ago 89 comments

ESP32 MCP Server

10 points by horw 1d ago 9 comments

Ask HN: Do you have a side project you're getting tired of?

29 points by gdulli 2d ago 23 comments

Ask HN: AI Reading List

10 points by TheAlchemist 1d ago 4 comments

I'm Peter Roberts, immigration attorney, who does work for YC and startups. AMA

256 points by proberts 8d ago 453 comments

Ask HN: What projects do you donate to?

4 points by xeonmc 1d ago 5 comments

Ask HN: How to Make Friendster Great?

94 points by ca98am79 3d ago 137 comments

We sold our first AI agent to a legacy industry–now we're stuck. Help us Advice?

11 points by goldmanX 2d ago 14 comments

Ask HN: How do you keep on top of all of the AI tools and new changes?

7 points by limonkufu 3d ago 12 comments

Ask HN: Places in the UK / Europe Related to computers

11 points by sailorganymede 2d ago 16 comments

I spent 15 years developing a tool to make sense of software version numbers

31 points by a1tern 4d ago 5 comments

Ask HN: Fakespot is shutting down July 1. Alternatives?

3 points by cjbarber 1d ago 1 comments

Ask HN: Pros and cons of offering a self-hosted version of your SaaS?

15 points by DavyCreddy 3d ago 5 comments

Modern Python Boilerplate – good package basic structure

11 points by lambda-science 3d ago 3 comments

Apple Rejects My Name Because It Contains "Dek" – But "Dick" Is Allowed

13 points by Kevin605 11h ago 1 comments

Ask HN: Where to find UX design resources?

17 points by bindd 4d ago 6 comments

Ask HN: Engineering Statics and Dynamics book recommendation

10 points by areoform 3d ago 2 comments

What If Every Picture You've Ever Seen Already Exists?

20 points by cin4ed 4d ago 28 comments

Tell HN: The Hetzner Experience - Invisible Outages

39 points by AmazingTurtle 4d ago 12 comments

AskHN: Best, simplest platform to run a Technical Interview on?

4 points by marche101 2d ago 4 comments

Ask HN: Don't You Mind That LLMs Are Mostly Proprietary?

18 points by dakiol 5d ago 19 comments

Ask HN: Agent / workflow frameworks or roll your own?

4 points by dennisy 2d ago 4 comments

Ask HN: What makes a programming language great for code generation?

3 points by keithasaurus 2d ago 3 comments

Ask HN: How are you using LLMs for research on a library of journal articles?

6 points by jopizio 3d ago 0 comments

KYC Is the Crime – Ludlow Institute

6 janandonly 2 5/24/2025, 8:33:26 PM ludlowinstitute.org ↗

Comments (2)

not_your_vase · 22m ago
What a horrible article - defending garbage enterprise security practices against the KYC regulations?

No system is unhackable? You know what? No regulations say that you have to store sensitive information on an online machine. Also, no regulation prevents you from installing security updates in a timely manner.

Every time a hack happens, the response is always "very sophisticated state-level actors". You know what's behind 98% of them? Password enabled ssh (with the password being $COMPANYNAME123), client-sided password verification in javascript, and when authentication works, frequently it only protects the login page - if you know the direct URL to a resource, just type it to go around the login. Or just simply running on a system that hasn't seen an update since the pandemic. All these keep happening to this day.

It really wouldn't take a lot to make things work, all the tools have been available since a long time.

onecommentman · 4h ago
Sounds like the Author is arguing in favor of “security through obscurity”. There are well-known issues with this approach that those interested can research.