HN Reader

What if it doesn't work? on chances I don't take (kabcoder.substack.com)

1 points by kabcoder 9m ago 0 comments

Rust × Algotrading (nguyenhuythanh.com)

1 points by thanhnguyen2187 12m ago 1 comments

Goldman Sachs warns AI bubble could burst datacenter boom (theregister.com)

2 points by Brajeshwar 14m ago 0 comments

Show HN: BoreDOM JavaScript Framework. InflictBoredom(); WebComponent(); (hugodaniel.com)

1 points by hugodan 15m ago 0 comments

China Plans to Outpace Neuralink (tomshardware.com)

1 points by fork-bomber 18m ago 0 comments

Fedora ARM Release Changes Due to Red Hat QA Team Reduction (phoronix.com)

1 points by methuselah_in 18m ago 0 comments

Should you use AsyncLocalStorage? (2023) (eytanmanor.medium.com)

1 points by stareatgoats 19m ago 0 comments

Show HN: Urltovideo.com – convert website to scrolling video (urltovideo.com)

1 points by Airyisland 19m ago 0 comments

Making XML human-readable without XSLT (jakearchibald.com)

3 points by FromTheArchives 19m ago 0 comments

Looking for the best AI note taker for conferences? (hynote.ai)

1 points by sandykongkong 20m ago 0 comments

WasiPy – Python Interpreter in Wasi (github.com)

1 points by fbodz 20m ago 1 comments

Eugene Goostman (en.wikipedia.org)

1 points by sans_souse 22m ago 0 comments

Shared Ownership Is for Suckers (segfaulte.substack.com)

1 points by lunarcave 23m ago 0 comments

I gambled against React and lost (and I don't regret a thing) (goauthentik.io)

1 points by bobywoodwarrior 23m ago 0 comments

Show HN: Ad‑hoc availability app – timezone‑aware weekly overlap (no login) (availability.werda.pl)

1 points by synweap15 24m ago 0 comments

One Stack to Rule Them All: Elixir for Everything from UI to Infrastructure (youtube.com)

1 points by pwim 29m ago 1 comments

New Free AI Essay Writer Tool – Finding Seed Users (You) – In Any Language (flashpaper.ai)

1 points by Gorgice 39m ago 1 comments

New Knot Theory Discovery Overturns Long-Held Mathematical Assumption (scientificamerican.com)

2 points by robinhouston 39m ago 0 comments

Cloudflare blocks largest recorded DDoS attack peaking at 11.5 Tbps (bleepingcomputer.com)

3 points by taubek 40m ago 1 comments

Playground Elements: Serverless interactive editable coding env for the web (github.com)

1 points by ignoramous 40m ago 0 comments

So You Want to Abolish Property Taxes (progressandpoverty.substack.com)

2 points by kqr2 41m ago 0 comments

Thinking of "AI Enablement" course for developers – would this be useful?

1 points by stecu 42m ago 0 comments

Choose Other Name for "Claude.md"? (github.com)

1 points by divan 43m ago 1 comments

India Was the Economic Alternative to China. Trump Ended That (nytimes.com)

3 points by thunderbong 43m ago 2 comments

Ask HN: How AI is showing up in SRE, copilots and always-on tools

1 points by satyanudge 49m ago 0 comments

Pentagon plans for 600 military lawyers to replace immigration judges (washingtonpost.com)

1 points by KnuthIsGod 53m ago 0 comments

AI Music: The Infinite Jukebox (ft.com)

1 points by KnuthIsGod 56m ago 0 comments

Show HN: Hugsy is a configuration management system for Claude Code (github.com)

1 points by ktresdin 58m ago 0 comments

The Journey (medium.com)

1 points by bryanrasmussen 58m ago 0 comments

A Hidden Camera Protest Turned the Tables on China's Surveillance State (nytimes.com)

3 points by ripe 1h ago 0 comments

Adding [Derive(From)] to Rust (kobzol.github.io)

1 points by ingve 1h ago 0 comments

Do you prefer GPT or Google Gemini?

1 points by AaronSwift1 1h ago 1 comments

WeakC4: A search-free low-knowledge solution to 7x6 Connect 4 (2swap.github.io)

1 points by fanf2 1h ago 0 comments

Gmail Manager MCP (github.com)

1 points by Spark88 1h ago 2 comments

Baby's First Type Checker (austinhenley.com)

1 points by alexmolas 1h ago 0 comments

Lost RCS support in Google Messages since last month? You're not alone (androidauthority.com)

1 points by hocuspocus 1h ago 0 comments

Agentic Design Patterns: Building Intelligent Systems (docs.google.com)

1 points by helloplanets 1h ago 0 comments

Analyzing DuckDB's Performance Optimization Through TOPN and Count Distinct (github.com)

1 points by killtre 1h ago 0 comments

Finding thousands of exposed Ollama instances using Shodan (blogs.cisco.com)

15 points by rldjbpin 1h ago 0 comments

Deep Dive into Kerberos Attacks (blog.compass-security.com)

1 points by dec1m0s 1h ago 1 comments

A shell inside the normal editor widget in VS Code (matklad.github.io)

1 points by freetonik 1h ago 0 comments

Show HN: A hacky app for location sharing without suirvellance (fyrspot.app)

1 points by ezeoleaf 1h ago 0 comments

Show HN: Rage shake but for your Voice AI agent (github.com)

1 points by mehrad_1 1h ago 0 comments

My Mom and Dr. DeepSeek (restofworld.org)

4 points by pr337h4m 1h ago 0 comments

Berghain Challenge (berghain.challenges.listenlabs.ai)

2 points by ghuntley 1h ago 0 comments

Show HN: Multi-Agent-Coder Is #12 on Stanford's TBench. Beats Claude Code (github.com)

1 points by Danau5tin 1h ago 0 comments

Detonation Spraying (en.wikipedia.org)

2 points by zeristor 1h ago 1 comments

A weekly digest of the best of the open source (open-source-ward.com)

1 points by OpenSourceWard 1h ago 0 comments

Show HN: Clariti – Lightweight Focus and Sleep App (`brew install clariti`) (clariti.io)

1 points by liornitzan 2h ago 1 comments

Show HN: Did They Just Destroy DIY RAG AI Chatbots? [video] (youtube.com)

1 points by nicoloboschi 2h ago 0 comments

Ask HN: How to Harden Your Phone?

5 mandeepj 10 9/3/2025, 2:46:11 AM
Inspired by this thread - https://news.ycombinator.com/item?id=45106903

Whenever I hear the Pegasus app or read about it at HN, I get a bit worried. So, today was that day again.

I'm sure we have cybersecurity experts, security researchers, and Infosec pros here at HN. What do you recommend to keep your phone, especially an iPhone, hardened as a brick? Came across the following article, although a bit dated, which suggests not using FaceTime and iMessage. But in another search, I found iMessage is more secure than just plain old SMS/Text. I'm more worried about zero-click exploits.

https://usa.kaspersky.com/blog/how-to-protect-from-pegasus-spyware/26103/

Just a thought - would having a firewall[0] on your phone to block any incoming request or quarantine it for review will work? A response to a user-initiated request is different than an independent request coming to your phone. A clarification to avoid mixing both.

Also, a traffic monitor[1] to watch excessive outgoing traffic or excessive hard drive reads to detect if you are compromised.

I've also been thinking about developing a custom Secure Vault app, more like an isolated Sandbox; I'll share more details about it if I think I can pull it off. Any pointers, books, articles, or videos are greatly appreciated.

Security is a fascinating topic; Let's discuss.

[0] : https://apps.apple.com/us/app/guardian-firewall-vpn/id1363796315

[1]: https://apps.apple.com/us/app/traffic-monitor-with-widget/id482570191

[2]: https://www.youtube.com/watch?v=1p0Xm-Opzjg (Catching NSO Group's Pegasus spyware)

[3]: https://help.apple.com/pdf/security/en_US/apple-platform-security-guide.pdf

[4]: https://www.reuters.com/technology/cybersecurity/governments-spying-apple-google-users-through-push-notifications-us-senator-2023-12-06/

Comments (10)

runjake · 6h ago
This guide for iPhone and Android is a good start. Not all their recommendations are obvious.

https://www.cisa.gov/sites/default/files/2024-12/guidance-mo...

For a deeper guide, check out the CISecurity benchmarks for your smartphone. They go a bit deeper. But the CISA guide will get you most of the way there.

https://www.cisecurity.org/cis-benchmarks

k310 · 5h ago
How about this idea?

Since a great deal of mobile usage is at home, how about a firewall of the home network as an 80/20 kind of solution? (YMMV) You might include a VPN.

This does not help away from home.

I have asked friends to use Signal for its many features, but I'm in low-tech company lately. They need a kick. Signal might address your messaging needs, and TBH, is better than imessage or FaceTime in mixed company. "Green people". Mainly because it is entirely crosds-platform.

mandeepj · 5h ago
Can you please expand on 80/20 rule? 20% of traffic on mobile device or 20% might be suspicious?

I believe Signal is compromised! There are many such articles online https://www.truesec.com/hub/blog/russian-intelligence-compro...

necovek · 4h ago
They suggest you might be at home 80% of the time, thus firewall on the home network would protect during that time.
k310 · 3h ago
That was my intent. Simply that you might be protected 80% of the time, if you spend 80% of your usage at home, and of course, YMMV.

But the 80/20 rule as written about is quite different. Simplified, it states that some 20% of effort or cases can give 80% of the results, whereas the other 20% can take 80% of your time/effort to nail.

Please query Signal about any security concerns. There was a clone of it being used by government officials that had flaws.

2rsf · 3h ago
Who and what are you trying to protect from? ICE/NSA will hack your phone, and all you can do as an amateur is to make their life harder (and raise their suspicion even more)
reify · 31m ago
I alway found that dipping it in some araldite epoxy resin works great

Basically, squeeze both tubes, part A and part B, into a bowl, mix well.

lay your phone on a flat surface and pour the mixed araldite over the phone.

smooth and level the araldite with a plastic tool.

let dry.

sorted!

max_ · 3h ago
At the bare minimum, ditch the iPhone.

Get a pixel

Install grapheneOS

mandeepj · 3h ago
Ordered a Pixel 10 pro XL a couple days ago :-)

You believe GrapheneOS is more secure than Android?

max_ · 2h ago
Stock Android & iOS are literally spyware.

GrapheneOS is very private.