<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: LuD1161</title><link>https://news.ycombinator.com/user?id=LuD1161</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Fri, 03 Jul 2026 23:59:38 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=LuD1161" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by LuD1161 in "ZCode – Harness for GLM-5.2"]]></title><description><![CDATA[
<p>Might wanna check out <a href="https://github.com/LuD1161/agentjail" rel="nofollow">https://github.com/LuD1161/agentjail</a> - policy guardrails for coding agents.<p>shameless self-plug. I've been dogfooding it for the last 3 weeks now.</p>
]]></description><pubDate>Thu, 02 Jul 2026 07:05:52 +0000</pubDate><link>https://news.ycombinator.com/item?id=48757591</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=48757591</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48757591</guid></item><item><title><![CDATA[New comment by LuD1161 in "[dead]"]]></title><description><![CDATA[
<p>Dont trust your production data with a markdown file. Have deterministic guardrails</p>
]]></description><pubDate>Sun, 28 Jun 2026 17:04:04 +0000</pubDate><link>https://news.ycombinator.com/item?id=48709253</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=48709253</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48709253</guid></item><item><title><![CDATA[New comment by LuD1161 in "Show HN: Honest Privacy Policies – We Read the Fine Print So You Don't Have To"]]></title><description><![CDATA[
<p>Thanks !</p>
]]></description><pubDate>Sat, 06 Jun 2026 09:10:11 +0000</pubDate><link>https://news.ycombinator.com/item?id=48422960</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=48422960</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48422960</guid></item><item><title><![CDATA[New comment by LuD1161 in "Show HN: Honest Privacy Policies – We Read the Fine Print So You Don't Have To"]]></title><description><![CDATA[
<p>For now I am parsing the text only. Testing app for real instances would be fun and a dedicated project in itself. I've some ideas, hit me up if you're interested or can collab if you're doing it already.</p>
]]></description><pubDate>Sat, 06 Jun 2026 00:30:50 +0000</pubDate><link>https://news.ycombinator.com/item?id=48420136</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=48420136</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48420136</guid></item><item><title><![CDATA[Show HN: Honest Privacy Policies – We Read the Fine Print So You Don't Have To]]></title><description><![CDATA[
<p>Hi HN, I’m Aseem<p>Last month, during my commencement for a Master's in Privacy Engineering at CMU, my friends and I were joking about the absurd volume of unreadable privacy policies we’d spent semesters dissecting. What started as a graduation joke stuck with me, and over the last few weeks, it transformed into this actual project.<p>I’m personally very privacy-conscious—I self-host my NAS, run Immich for my photos, and try to self-host where I can. But completely decoupling from third-party services is nearly impossible. Even with a technical background in privacy and security, figuring out what a SaaS tool actually does with your data telemetry means wading through buried boilerplate that no one has time to read.<p>I built HonestPrivacyPolicies.org to turn that text into structured, actionable insights.<p>Would love your feedback. A few questions I've been asking ppl :
1. What would you love to see in a privacy policy (check our pp as well)
2. What questions do you want answers to when you give your data to an org<p>Cheers!</p>
<hr>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=48419076">https://news.ycombinator.com/item?id=48419076</a></p>
<p>Points: 5</p>
<p># Comments: 4</p>
]]></description><pubDate>Fri, 05 Jun 2026 22:17:59 +0000</pubDate><link>https://honestprivacypolicies.org/</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=48419076</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48419076</guid></item><item><title><![CDATA[Security Engineering Is a Context Problem]]></title><description><![CDATA[
<p>Article URL: <a href="https://aseemshrey.in/blog/security-engineering-is-a-context-problem/">https://aseemshrey.in/blog/security-engineering-is-a-context-problem/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=48031250">https://news.ycombinator.com/item?id=48031250</a></p>
<p>Points: 4</p>
<p># Comments: 0</p>
]]></description><pubDate>Wed, 06 May 2026 02:02:04 +0000</pubDate><link>https://aseemshrey.in/blog/security-engineering-is-a-context-problem/</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=48031250</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=48031250</guid></item><item><title><![CDATA[New comment by LuD1161 in "The Newness Illusion: Why Everything Was Better 'Back in Our Day'"]]></title><description><![CDATA[
<p>wow. this is such an interesting perspective. hadn't thought so deeply about my 'shower thought'. This expands my horizon. Might put this into the update.
When I was thinking about it, the fleeting thought was majorly about the 'newness effect' which isn't related to a subjective liking of something but is pervasive across everything, whether it be tech, music, movies etc.<p>Thanks for sharing this.</p>
]]></description><pubDate>Sun, 01 Mar 2026 23:27:05 +0000</pubDate><link>https://news.ycombinator.com/item?id=47211930</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=47211930</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47211930</guid></item><item><title><![CDATA[New comment by LuD1161 in "The Newness Illusion: Why Everything Was Better 'Back in Our Day'"]]></title><description><![CDATA[
<p>A friend said KubeCon "isn't the same anymore." I asked what got worse. They couldn't answer. Turns out there's a name for this.<p>Three names, actually:
1. Hedonic Adaptation : Brain's inbuilt boredom machine
2. Rosy Retrospection : Your Memory is a Highlight Reel
3. Declinism : The "Kids These Days" Bias</p>
]]></description><pubDate>Sun, 01 Mar 2026 19:58:38 +0000</pubDate><link>https://news.ycombinator.com/item?id=47210103</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=47210103</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47210103</guid></item><item><title><![CDATA[The Newness Illusion: Why Everything Was Better 'Back in Our Day']]></title><description><![CDATA[
<p>Article URL: <a href="https://aseemshrey.in/blog/the-newness-illusion/">https://aseemshrey.in/blog/the-newness-illusion/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=47210102">https://news.ycombinator.com/item?id=47210102</a></p>
<p>Points: 2</p>
<p># Comments: 6</p>
]]></description><pubDate>Sun, 01 Mar 2026 19:58:38 +0000</pubDate><link>https://aseemshrey.in/blog/the-newness-illusion/</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=47210102</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=47210102</guid></item><item><title><![CDATA[New comment by LuD1161 in "I hacked India's GST portal–11.8M taxpayers exposed; enabling stock manipulation"]]></title><description><![CDATA[
<p>I found an Insecure Direct Object Reference(IDOR0 security issue that led to leaking GST challans (receipts) of all the 11.8M registered taxpayers. Here's the full story alongwith a video PoC.<p>Note: No personal data was ever shared or harvested. This was responsibly disclosed to the authorities through proper channels and only after the disclosure timeline (120 days) was it published in the online media.</p>
]]></description><pubDate>Sun, 07 Sep 2025 08:30:51 +0000</pubDate><link>https://news.ycombinator.com/item?id=45156442</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=45156442</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=45156442</guid></item><item><title><![CDATA[I hacked India's GST portal–11.8M taxpayers exposed; enabling stock manipulation]]></title><description><![CDATA[
<p>Article URL: <a href="https://aseem-shrey.medium.com/manipulating-indias-stock-market-the-gst-portal-data-leak-b5437c817071">https://aseem-shrey.medium.com/manipulating-indias-stock-market-the-gst-portal-data-leak-b5437c817071</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=45156441">https://news.ycombinator.com/item?id=45156441</a></p>
<p>Points: 6</p>
<p># Comments: 1</p>
]]></description><pubDate>Sun, 07 Sep 2025 08:30:51 +0000</pubDate><link>https://aseem-shrey.medium.com/manipulating-indias-stock-market-the-gst-portal-data-leak-b5437c817071</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=45156441</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=45156441</guid></item><item><title><![CDATA[New comment by LuD1161 in "[dead]"]]></title><description><![CDATA[
<p>I've started this series on online privacy to teach people some of the good online cybersecurity hygiene, that can help them keep safe.</p>
]]></description><pubDate>Wed, 06 Nov 2024 06:03:58 +0000</pubDate><link>https://news.ycombinator.com/item?id=42057471</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=42057471</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=42057471</guid></item><item><title><![CDATA[New comment by LuD1161 in "[dead]"]]></title><description><![CDATA[
<p>This is my first attempt at recreating a bug from its test case, feedback is highly appreciated.<p>RCE in git
 By cloning a repo - 'git clone --recursive <git_repo>' , your machine could be compromised.
 Works on MacOS and Windows
 Fix - Upgrade git
 Technical walkthrough and how you can reproduce it</p>
]]></description><pubDate>Mon, 20 May 2024 10:16:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=40413959</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=40413959</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=40413959</guid></item><item><title><![CDATA[New comment by LuD1161 in "Ask HN: Who is hiring? (April 2024)"]]></title><description><![CDATA[
<p>Not expected this from a security company :P 
Please fix/update your certs :)<p>```
<a href="https://foundationalsec.com/" rel="nofollow">https://foundationalsec.com/</a><p>Unable to communicate securely with peer: requested domain name does not match the server’s certificate.<p>HTTP Strict Transport Security: false<p>HTTP Public Key Pinning: false<p>```<p>Screenshot here -> <a href="https://postimg.cc/gallery/cdQsCzd" rel="nofollow">https://postimg.cc/gallery/cdQsCzd</a></p>
]]></description><pubDate>Tue, 02 Apr 2024 20:04:21 +0000</pubDate><link>https://news.ycombinator.com/item?id=39910282</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=39910282</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39910282</guid></item><item><title><![CDATA[New comment by LuD1161 in "[dead]"]]></title><description><![CDATA[
<p>In this blog we will see a step-by-step guide of what goes behind a successful pentest. This not only includes the technical aspects but also the business and legal aspects of it.<p>If you’re tasked with the responsibility for getting your organisation's app or website's pentest done, this blog would definitely help you navigate the waters easily.</p>
]]></description><pubDate>Thu, 08 Feb 2024 12:55:14 +0000</pubDate><link>https://news.ycombinator.com/item?id=39301382</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=39301382</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=39301382</guid></item><item><title><![CDATA[New comment by LuD1161 in "[dead]"]]></title><description><![CDATA[
<p>Hello Everyone 
Back with another #exploitation 
4th part in the #GraphQL Exploitation series -<p>1⃣ Deep Recursion Attack - Attack & Defend (max depth)<p>2⃣ GraphQL Introspection<p>Thanks to Dolev Farhi for the awesome DVGA<p>#bugbounty #cybersecurity</p>
]]></description><pubDate>Thu, 03 Nov 2022 14:28:51 +0000</pubDate><link>https://news.ycombinator.com/item?id=33451533</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=33451533</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=33451533</guid></item><item><title><![CDATA[New comment by LuD1161 in "Ask HN: Freelancer? Seeking freelancer? (July 2021)"]]></title><description><![CDATA[
<p>SEEKING WORK | Remote : Yes | Location: India<p>Area of expertise : App Security ( Web & Mobile ), Infrastructure Security etc.<p>Technologies: Python, Go, Terraform, AWS, GCP, Vault, CIS Benchmarks, Docker, kubernetes ( k8s ), gitlab CI/CD & github actions, Jenkins, ELK<p>Résumé/CV: <a href="https://aseemshrey.in/resume.html" rel="nofollow">https://aseemshrey.in/resume.html</a><p>Email: hi@aseemshrey.in<p>Blog : <a href="https://aseemshrey.in/" rel="nofollow">https://aseemshrey.in/</a><p>YouTube : HackingSimplified : <a href="https://www.youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng" rel="nofollow">https://www.youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng</a><p>I build scalable security solutions as well, for my current employer as well as in a previous startup where I built a lot of systems from scratch.<p>I teach on my youtube channel hackingsimplified , about cybersecurity stuff.<p>Available for consulting as well.</p>
]]></description><pubDate>Fri, 09 Jul 2021 12:18:09 +0000</pubDate><link>https://news.ycombinator.com/item?id=27782902</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=27782902</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=27782902</guid></item><item><title><![CDATA[New comment by LuD1161 in "Ask HN: Who wants to be hired? (July 2021)"]]></title><description><![CDATA[
<p>Location: India<p>Remote: Yes<p>Willing to relocate: Yes<p>Technologies: Python, Go, Terraform, AWS, GCP, Vault, CIS Benchmarks, Docker, kubernetes ( k8s ), gitlab CI/CD & github actions, Jenkins, ELK<p>Résumé/CV: <a href="https://aseemshrey.in/resume.html" rel="nofollow">https://aseemshrey.in/resume.html</a><p>Email: hi@aseemshrey.in<p>Blog : <a href="https://aseemshrey.in/" rel="nofollow">https://aseemshrey.in/</a><p>YouTube : HackingSimplified : <a href="https://www.youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng" rel="nofollow">https://www.youtube.com/channel/UCARsgS1stRbRgh99E63Q3ng</a><p>My area of expertise App Security ( Web & Mobile ), Infrastructure Security etc.<p>I build scalable security solutions as well, for my current employer as well as in a previous startup where I built a lot of systems from scratch.<p>I teach on my youtube channel hackingsimplified , about cybersecurity stuff.<p>Available for consulting as well.</p>
]]></description><pubDate>Fri, 09 Jul 2021 12:16:52 +0000</pubDate><link>https://news.ycombinator.com/item?id=27782892</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=27782892</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=27782892</guid></item><item><title><![CDATA[Why Client Side Validation Fails – Hacking 10M+ Users]]></title><description><![CDATA[
<p>Article URL: <a href="https://aseemshrey.in/lets-learn-english-hacking-10m-users/">https://aseemshrey.in/lets-learn-english-hacking-10m-users/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=26858737">https://news.ycombinator.com/item?id=26858737</a></p>
<p>Points: 4</p>
<p># Comments: 0</p>
]]></description><pubDate>Mon, 19 Apr 2021 03:00:27 +0000</pubDate><link>https://aseemshrey.in/lets-learn-english-hacking-10m-users/</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=26858737</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=26858737</guid></item><item><title><![CDATA[SSRF-What Why and How|SSRF in Google Prod Network|Server Side Request Forgery]]></title><description><![CDATA[
<p>Article URL: <a href="https://www.youtube.com/watch?v=fUc08JAaslE">https://www.youtube.com/watch?v=fUc08JAaslE</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=25356515">https://news.ycombinator.com/item?id=25356515</a></p>
<p>Points: 2</p>
<p># Comments: 0</p>
]]></description><pubDate>Wed, 09 Dec 2020 08:28:42 +0000</pubDate><link>https://www.youtube.com/watch?v=fUc08JAaslE</link><dc:creator>LuD1161</dc:creator><comments>https://news.ycombinator.com/item?id=25356515</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=25356515</guid></item></channel></rss>