<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Hacker News: daraosn</title><link>https://news.ycombinator.com/user?id=daraosn</link><description>Hacker News RSS</description><docs>https://hnrss.org/</docs><generator>hnrss v2.1.1</generator><lastBuildDate>Sat, 11 Jul 2026 20:55:24 +0000</lastBuildDate><atom:link href="https://hnrss.org/user?id=daraosn" rel="self" type="application/rss+xml"></atom:link><item><title><![CDATA[New comment by daraosn in "Tinychain: a pocket-sized implementation of Bitcoin"]]></title><description><![CDATA[
<p>This is great. I already understood most of BTC and ETH protocols, but learned some new bits, thanks for sharing!</p>
]]></description><pubDate>Tue, 08 Aug 2017 02:53:08 +0000</pubDate><link>https://news.ycombinator.com/item?id=14953563</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=14953563</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=14953563</guid></item><item><title><![CDATA[New comment by daraosn in "Augur REP Token Critical Vulnerability Disclosure"]]></title><description><![CDATA[
<p>That's what Tezos is doing, using OCaml for their smart contracts.</p>
]]></description><pubDate>Sat, 29 Jul 2017 01:06:49 +0000</pubDate><link>https://news.ycombinator.com/item?id=14878907</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=14878907</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=14878907</guid></item><item><title><![CDATA[New comment by daraosn in "Ask HN: What are we doing about Facebook, Google, and the closed internet?"]]></title><description><![CDATA[
<p>Brendan Eich, the inventor of Javascript and co-founder of Mozilla, launched this recently:
<a href="https://www.basicattentiontoken.org/index.html" rel="nofollow">https://www.basicattentiontoken.org/index.html</a><p>It's a token for advertisement that rewards the user, to be used at Brave browser:
<a href="https://brave.com" rel="nofollow">https://brave.com</a>
<a href="https://github.com/brave" rel="nofollow">https://github.com/brave</a></p>
]]></description><pubDate>Fri, 09 Jun 2017 02:22:36 +0000</pubDate><link>https://news.ycombinator.com/item?id=14518765</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=14518765</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=14518765</guid></item><item><title><![CDATA[New comment by daraosn in "Cryptoeconomics 101"]]></title><description><![CDATA[
<p>First, it's not what I want, it's what I perceive – only my opinion.<p>Why a blockchain for social network? To really control my data and my online persona. It doesn't have to be a public blockchain, can be private and shared to my friends, if I wanted to.<p>I agree with you, that in poor countries the infrastructure is not prepared yet, but the world wasn't prepared also when the Internet was on dippers, this is just the beginning, I believe.</p>
]]></description><pubDate>Mon, 05 Jun 2017 00:59:47 +0000</pubDate><link>https://news.ycombinator.com/item?id=14484628</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=14484628</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=14484628</guid></item><item><title><![CDATA[New comment by daraosn in "Cryptoeconomics 101"]]></title><description><![CDATA[
<p>Yes, cryptocurrencies and tokens have a lot of speculation from a dollar price perspective, and there are still non-believers and manipulators, but the blockchain and smart contracts technology is brilliant and the idea is already on people's mind, and it will only become stronger, despite of the price.<p>Social Network: For years I've seen people complaining about Facebook, others building alternatives. If there is one way that Facebook could be defeated and decentralized is by using a P2P blockchain social network. Take for example Steem, not perfect but proof of concept works.<p>Advertisement: another example is BAT (by the JS inventor), funded in 30 seconds, it could be a real threat to Google. Just pair it with Mist browser and ENS, and you can see the potential.<p>...<p>I think it's no longer about Bitcoin, it's about a profound decentralization of the Internet. Some call it the Web 3.0.</p>
]]></description><pubDate>Sun, 04 Jun 2017 23:42:45 +0000</pubDate><link>https://news.ycombinator.com/item?id=14484353</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=14484353</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=14484353</guid></item><item><title><![CDATA[New comment by daraosn in "Ask HN: Building a side project that makes money. Where to start?"]]></title><description><![CDATA[
<p>My advise: don't focus so much on how to build it, focus on how to grow it... REALLY!<p>I've done so many complex projects that at the end I couldn't sell, that's frustrating... please hear me: figure out first how to sell it (or at least get good traffic to a crappy wordpress site), then build a very crappy version and then improve it over time.<p>I read recently this, and I think is gold:
<a href="https://www.blackhatworld.com/seo/making-money-online-it-all-starts-with-you-not-methods-not-google-you.766510/" rel="nofollow">https://www.blackhatworld.com/seo/making-money-online-it-all...</a></p>
]]></description><pubDate>Thu, 06 Apr 2017 12:37:29 +0000</pubDate><link>https://news.ycombinator.com/item?id=14049950</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=14049950</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=14049950</guid></item><item><title><![CDATA[New comment by daraosn in "Which job to chose?(have 2 hours)"]]></title><description><![CDATA[
<p>If you are starting I think it really doesn't matter, I like Ruby and did for a long time, but if you like the Python company and you say is bigger and you have friends there, then you should probably go for that offer. Plus Python is a nice language to learn too.<p>This is very important: Money should not be your priority at this stage, go for the company where you think you can learn the most, later you can find a better job or even consult, as you'll gain a lot of experience.<p>Good luck!</p>
]]></description><pubDate>Mon, 14 Nov 2016 13:48:56 +0000</pubDate><link>https://news.ycombinator.com/item?id=12949770</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12949770</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12949770</guid></item><item><title><![CDATA[New comment by daraosn in "Bitcoin 0.13.0 Binary Safety Warning"]]></title><description><![CDATA[
<p>It will take time... Computers, Internet and new techs in general aren't mainstream in their beginings. Do you expect it to be perfect from its inception? Even planes crashed on their first flights, and look at us now, flying everywhere.</p>
]]></description><pubDate>Thu, 18 Aug 2016 09:12:36 +0000</pubDate><link>https://news.ycombinator.com/item?id=12311234</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12311234</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12311234</guid></item><item><title><![CDATA[New comment by daraosn in "Some news from LWN"]]></title><description><![CDATA[
<p>Disagree, even Hacker News has some attempts to have a better design while keeping the HTML site look.</p>
]]></description><pubDate>Thu, 04 Aug 2016 11:00:52 +0000</pubDate><link>https://news.ycombinator.com/item?id=12224698</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12224698</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12224698</guid></item><item><title><![CDATA[New comment by daraosn in "Stealing Facebook access_tokens using CSRF in device login flow"]]></title><description><![CDATA[
<p>True, but it's also:<p>- How much would it cost to repair the trust of the users if the breach occurs. PR, marketing, organizational costs<p>Do you think a big company would pay $5k for a PR campaign to fix a mess due to a breach of private data? Not remotely.</p>
]]></description><pubDate>Wed, 20 Jul 2016 09:24:12 +0000</pubDate><link>https://news.ycombinator.com/item?id=12127742</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12127742</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12127742</guid></item><item><title><![CDATA[New comment by daraosn in "Stealing Facebook access_tokens using CSRF in device login flow"]]></title><description><![CDATA[
<p>Why would you calculate hourly rate? I'd rather try to calculate the economic impact that this could have for the company, especially marketing costs to repair bad PR if something like private messages, pictures, info, etc. get breached. Do you think Facebook would spend $5,000 for that? Hell no, marketing budgets are in the magnitude of millions of dollars... I'm in no way supporting to exploit these vulnerabilities, and kudos to the OP (and many others) for finding these bugs and reporting to their companies instead of exploiting. I just think that big tech companies should pay bigger bounties.</p>
]]></description><pubDate>Wed, 20 Jul 2016 08:55:23 +0000</pubDate><link>https://news.ycombinator.com/item?id=12127664</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12127664</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12127664</guid></item><item><title><![CDATA[New comment by daraosn in "Stealing Facebook access_tokens using CSRF in device login flow"]]></title><description><![CDATA[
<p>I posted below (and got hardly and irrationally downvoted) that $5,000 is a joke. And your comment and others don't change my mind. A CSRF vulnerability, looking forward to reading a post on a SQL Injection next time.. I worked doing bots on my school days when I was a kid, and I saw the gray/black market can be unfortunately extremely profitable. $5,000 is nothing, we're not talking about a little startup here, it's Facebook, and they do have resources. Have you ever seen nasty content on Facebook on your wall, been spammed or even hacked? It's because of these kind of vulnerabilities get breached. Of course they can happen, but $5,000 is nothing considering the economic impact that can have if someone exploits it badly. A PR campaign to fix a mess wouldn't cost a few thousands, rather a few millions. Again: kudos to the OP for posting this and doing things the right way (reporting to facebook), but again, sadly good developers are getting underpriced...<p>PS: and by the way, I'm in no way circle jerking, this is not reddit, I'm here for a serious discussion on the topic.</p>
]]></description><pubDate>Wed, 20 Jul 2016 08:31:07 +0000</pubDate><link>https://news.ycombinator.com/item?id=12127590</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12127590</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12127590</guid></item><item><title><![CDATA[New comment by daraosn in "Stealing Facebook access_tokens using CSRF in device login flow"]]></title><description><![CDATA[
<p>Don't understand the downvoting here.. Very irrational or emotional motivated. I'll explain why is a joke: $5,000 is nothing considering what could cost to Facebook if someone in a black market finds this, plus a CSRF vulnerability is from a Security 101 lecture nowadays. They do have the resources and should put more money to audit their production code and pay bigger bounties for someone who's not part of their company and finds a bug like this. Again, down voting non-sense.. this is not reddit guys, this is Hacker News.</p>
]]></description><pubDate>Wed, 20 Jul 2016 08:21:11 +0000</pubDate><link>https://news.ycombinator.com/item?id=12127565</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12127565</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12127565</guid></item><item><title><![CDATA[New comment by daraosn in "Stealing Facebook access_tokens using CSRF in device login flow"]]></title><description><![CDATA[
<p>I think $5,000 is a joke, this is a serious vulnerability... Despite this, congratulations for finding it and reporting directly to them, the right way. If it's possible to know, how many hours did you spend researching this?</p>
]]></description><pubDate>Wed, 20 Jul 2016 00:06:36 +0000</pubDate><link>https://news.ycombinator.com/item?id=12125894</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12125894</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12125894</guid></item><item><title><![CDATA[New comment by daraosn in "Show HN: OpenGL in super slow motion – visualising Z-buffering"]]></title><description><![CDATA[
<p>This is amazing, thanks for sharing! Haven't really programmed much in 3D so this is a great resource to understand the concept behind a render engine.</p>
]]></description><pubDate>Mon, 04 Jul 2016 15:28:09 +0000</pubDate><link>https://news.ycombinator.com/item?id=12031281</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=12031281</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=12031281</guid></item><item><title><![CDATA[Bitcoin surpased the $10B market cap]]></title><description><![CDATA[
<p>Article URL: <a href="http://coincap.io/">http://coincap.io/</a></p>
<p>Comments URL: <a href="https://news.ycombinator.com/item?id=11887572">https://news.ycombinator.com/item?id=11887572</a></p>
<p>Points: 2</p>
<p># Comments: 0</p>
]]></description><pubDate>Sun, 12 Jun 2016 11:07:14 +0000</pubDate><link>http://coincap.io/</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=11887572</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=11887572</guid></item><item><title><![CDATA[New comment by daraosn in "Intel acquires Itseez, leading developer of OpenCV"]]></title><description><![CDATA[
<p>Ok, any guesses on so how would this affect their open source projects? i.e. OpenCV's license is 3-clause BSD, and of course as Intel started the project is a copyright holder, so things as usual?</p>
]]></description><pubDate>Wed, 01 Jun 2016 23:17:41 +0000</pubDate><link>https://news.ycombinator.com/item?id=11819089</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=11819089</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=11819089</guid></item><item><title><![CDATA[New comment by daraosn in "Changes sshd port every 30 seconds, using Two Factor Auth to login"]]></title><description><![CDATA[
<p>That's a interesting idea, to make encryption dynamic using something like the 2FA described here.</p>
]]></description><pubDate>Sun, 29 May 2016 14:18:15 +0000</pubDate><link>https://news.ycombinator.com/item?id=11796444</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=11796444</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=11796444</guid></item><item><title><![CDATA[New comment by daraosn in "Changes sshd port every 30 seconds, using Two Factor Auth to login"]]></title><description><![CDATA[
<p>Is there a service that wraps/proxies a port with a different or custom protocol? (kind of like SSL for HTTP)<p>Idea: instead of ssh'ing a server, you would run your custom command which communicates to port XXXX, communicate with a custom protocol and then if validation succeeds, would proxy to SSH (or any other internal port/protocol).<p>Why? Because as others suggested you could scan all ports very quickly to break this, but if you scan a port and just receive garbage or something only you can understand when opening it, then you could hide it from the outside..<p>(Just curious)</p>
]]></description><pubDate>Sun, 29 May 2016 13:53:50 +0000</pubDate><link>https://news.ycombinator.com/item?id=11796364</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=11796364</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=11796364</guid></item><item><title><![CDATA[New comment by daraosn in "Show HN: Open source realtime IoT platform"]]></title><description><![CDATA[
<p>Thanks! You can check our ESP8266 Arduino libraries: <a href="https://github.com/undercontrol-io/sdk-esp8266-arduino" rel="nofollow">https://github.com/undercontrol-io/sdk-esp8266-arduino</a><p>We also have some tutorials at our homepage.</p>
]]></description><pubDate>Mon, 23 May 2016 17:18:13 +0000</pubDate><link>https://news.ycombinator.com/item?id=11755255</link><dc:creator>daraosn</dc:creator><comments>https://news.ycombinator.com/item?id=11755255</comments><guid isPermaLink="false">https://news.ycombinator.com/item?id=11755255</guid></item></channel></rss>