HN Reader

Ask HN: Why hasn't x86 caught up with Apple M series?

419 points by stephenheron 2d ago 600 comments

Ask HN: How to Learn to Build Agentic AI Systems (Like Claude Code)

4 points by hhimanshu 4h ago 3 comments

Ask HN: What are the best Google alternatives in 2025?

8 points by eel 4h ago 3 comments

Ask HN: How can I recover and run my old mobile game from the 2010s?

54 points by diasks2 2d ago 48 comments

Ask HN: GitHub Copilot down?

56 points by thecopy 5h ago 19 comments

Ask HN: What measures are you taking to stop AI crawlers?

6 points by kjok 6h ago 4 comments

Ask HN: Is backlink trading still a problem worth solving?

2 points by sathishn 7h ago 1 comments

Units of Economics of LLMs. Reply to Ed Zitron's "AI Is a Money Trap"

6 points by tudorizer 20h ago 5 comments

Ask HN: What to Do with Old iPads?

28 points by owenmakes 1d ago 19 comments

Ask HN: Does sentience put stress on the brain?

7 points by trinsic2 22h ago 3 comments

Ask HN: Is there a temp phone number like temp email?

9 points by piratesAndSons 1d ago 11 comments

Out of curiosity: what kind of people use this "forum" (I mean Hacker News)?

20 points by adinhitlore 1d ago 27 comments

Ask HN: What should I use to run React Native tests on a device?

4 points by dboreham 23h ago 0 comments

Ask HN: Why are so many services rejecting Google Voice numbers for signups?

12 points by electric_muse 1d ago 18 comments

Why is AI search still bad at trust and context?

2 points by zyruh 7h ago 1 comments

Ask HN: Best codebases to study to learn software design?

100 points by pixelworm 3d ago 89 comments

Stop squashing your commits. You're squashing your AI too

4 points by jannesblobel 1d ago 9 comments

Ask HN: Any experienced devs who use AI extensively in their work?

3 points by atleastoptimal 1d ago 4 comments

Ask HN: Why can't ChatGPT count to a million?

3 points by TimCTRL 11h ago 6 comments

Ask HN: How are you attributing your AI usage when developing software?

4 points by hartleybrody 1d ago 4 comments

Ask HN: Are AI filters becoming stricter than society itself?

29 points by tsevis 4d ago 16 comments

Patient Lisp Hacker Seeks Same for Long Walks Through IPL-V Code

6 points by abrax3141 1d ago 1 comments

Ask HN: Has anyone else used online communities that are archetypically "savvy"?

2 points by Use 1d ago 5 comments

High rate of LLM (GPT5) hallucinations in dense stats domains (cricket)

3 points by sp1982 1d ago 2 comments

Ask HN: What are you working on (August 2025)?

10 points by iryndin 1d ago 8 comments

429 Too Many Requests from registry.npmjs.org

2 points by mirekrusin 1d ago 2 comments

Ask HN: I just abandoned my PyCharm subscription, what should I use now?

22 points by jmward01 2d ago 23 comments

How can a mutex in Wine be faster than a native one on Linux

3 points by lh_mouse 1d ago 2 comments

Ask HN: What is wrong with modern software development

6 points by fzeindl 1d ago 7 comments

Ask HN: Recommandation for an Ergonomic Keyboard?

8 points by cx42net 1d ago 26 comments

Ask HN: Someone has committed 20K+ LoC to a PR, exhausting my CI & AI workflows

3 points by zacian 1d ago 11 comments

Ask HN: How do you find early stage startups to join

44 points by gavino 5d ago 23 comments

Ask HN: Best Marketplaces for Used Servers?

8 points by bloudermilk 3d ago 11 comments

Ask HN: Does using public transportation make you more creative than driving?

7 points by amichail 3d ago 11 comments

Ask HN: How can I trace what user queries make AI bots crawl my site?

4 points by ATechGuy 2d ago 2 comments

Ask HN: How is Nvidia streaming 4k games while remote control sw is low q lag

3 points by firechickenbird 22h ago 1 comments

Problem with Payment Gateways

13 points by tposter 3d ago 9 comments

Ask HN: Why do people hate on Sabine Hossenfelder so much?

6 points by ieuanking 1d ago 12 comments

Ask HN: What is the biggest problem LLMs solved in your life/work?

27 points by mrs6969 4d ago 40 comments

ASK HN: AI in high school. Will teachers and schools have to compensate?

2 points by qrsbrrr 2d ago 3 comments

Ask HN: What is your source for answers?

4 points by Haeuserschlucht 2d ago 5 comments

Ask HN: Devices to allow children to listen to podcasts on my local network?

2 points by jareds 2d ago 2 comments

DSPy GEPA Example: Listwise Reranker

3 points by CShorten 2d ago 0 comments

Ask HN: No easy way for tvOS to display long documents (e.g., terms of service)?

6 points by amichail 2d ago 5 comments

Ask HN: Did modern AI's coding abilities make you lose interest in programming?

25 points by amichail 11h ago 40 comments

OAuth Device Flow Vulnerabilities: Analysis of 2024-2025 Attack Wave

2 guptadeepak 1 8/27/2025, 6:41:17 PM guptadeepak.com ↗

Comments (1)

guptadeepak · 7h ago
This analysis dives into the recent surge of OAuth device flow attacks observed in 2024-2025, focusing on key protocol weaknesses and implementation gaps.

The critical issue stems from attacker exploitation of insufficient user code verification and token issuance processes, enabling device flow hijacking and abuse at scale. Notably, the challenge of securely binding device codes to legitimate users remains unresolved, especially in constrained input environments.

How are you addressing the trade-offs between user convenience and security in OAuth device flows?