Feed aggregator

Article URL: https://www.nature.com/articles/d41586-025-01362-y

Comments URL: https://news.ycombinator.com/item?id=43885160

Points: 1

# Comments: 0

Article URL: https://www.economist.com/science-and-technology/2025/04/30/rates-of-bowel-cancer-are-rising-among-young-people

Comments URL: https://news.ycombinator.com/item?id=43885157

Points: 4

# Comments: 1

Article URL: https://apps.gnome.org/Papers/

Comments URL: https://news.ycombinator.com/item?id=43885133

Points: 2

# Comments: 0

Article URL: https://en.wikipedia.org/wiki/Erd%C5%91s_number

Comments URL: https://news.ycombinator.com/item?id=43885121

Points: 2

# Comments: 1

Article URL: https://apps.apple.com/us/app/easy-share-files-texts/id6745053777

Comments URL: https://news.ycombinator.com/item?id=43885115

Points: 1

# Comments: 2

Article URL: https://canonical.com/blog/canonical-releases-ubuntu-25-04-plucky-puffin

Comments URL: https://news.ycombinator.com/item?id=43885103

Points: 1

# Comments: 0

Article URL: https://www.europesays.com/uk/73187/

Comments URL: https://news.ycombinator.com/item?id=43885091

Points: 1

# Comments: 0

Article URL: https://semianalysis.com/2025/04/16/huawei-ai-cloudmatrix-384-chinas-answer-to-nvidia-gb200-nvl72/

Comments URL: https://news.ycombinator.com/item?id=43885088

Points: 1

# Comments: 0

Article URL: https://www.amd.com/en/products/accelerators/instinct/mi300/mi325x.html

Comments URL: https://news.ycombinator.com/item?id=43885084

Points: 1

# Comments: 0

Article URL: https://adv-r.hadley.nz/rcpp.html

Comments URL: https://news.ycombinator.com/item?id=43885078

Points: 1

# Comments: 1

Article URL: https://www.nytimes.com/video/world/middleeast/100000010137049/us-bombing-yemen-migrant-shelter.html

Comments URL: https://news.ycombinator.com/item?id=43885071

Points: 1

# Comments: 0

Article URL: https://arxiv.org/abs/2505.00693

Comments URL: https://news.ycombinator.com/item?id=43885070

Points: 2

# Comments: 0

Article URL: https://garymarcus.substack.com/p/the-latest-ai-scaling-graph-and-why

Comments URL: https://news.ycombinator.com/item?id=43885051

Points: 2

# Comments: 0

Article URL: https://www.nrk.no/dokumentar/xl/inside-the-scam-network-1.17399135

Comments URL: https://news.ycombinator.com/item?id=43885047

Points: 1

# Comments: 0

Article URL: https://github.com/gsuberland/switch_bouncing

Comments URL: https://news.ycombinator.com/item?id=43885039

Points: 2

# Comments: 0

Hey HN,

I’m Maxime — a product builder and former Head of Product at Qonto (think Brex for Europe, ~$6B valuation). I recently started something new called [Well](https://wellapp.ai/) (https://wellapp.ai/), where we deploy autonomous agents (via remote browsers or Chrome extensions) to collect supplier invoices on behalf of founders. It saves tons of brain cycles for busy operators.

Now, I know I’m EU-based and this might sound like yet another attempt to regulate everything … but bear with me — the core question is:

> Would you give your Microsoft Azure keychain to an AI agent?

Over the years, I’ve built many integrations — some with OAuth2, others via RPA when no official APIs existed. But with this new generation of agents acting autonomously on behalf of users, I’m starting to wonder: how will we manage authentication and define the scope of what an agent is allowed to do?

*Problem 1: Agent Authentication*

My agents act on my behalf — but I’m extremely anti-password proliferation. While it's tempting to just give an agent my password and 2FA codes, that feels fundamentally broken.

Ideally, I want agents to request access to credentials with a specific scope, duration, and purpose — and I want to manage that access centrally. If I change my password or revoke permissions, the agent should lose access instantly.

*Problem 2: Agent Scope & Consent*

Let’s say an agent gets valid SaaS credentials and starts crawling an account. How do I know it's only collecting invoices, and not poking around in sensitive settings or triggering a password reset?

OAuth solved this with scopes and explicit user consent. But agents today don’t seem to have an equivalent. There’s no "collect-invoices-only" checkbox.

My open question: Should this kind of permissioning live inside a password manager? Or is it the responsibility of agent platforms to build a consent-aware vault? Or should we be thinking about something entirely new — like an MCP (Multi-Agent Control Protocol)?

Would love to hear if anyone has seen serious work or proposals in this space — or if you're tackling similar challenges in your vertical.

Thanks!

Comments URL: https://news.ycombinator.com/item?id=43885036

Points: 1

# Comments: 0

Most websites suck at telling you if your password is actually secure. They are still stuck in the 2000s, using outdated password rules. They check for symbols, numbers, uppercase letters—then rate Password1! as “strong”. But any real attacker cracks that in minutes.

I got tired of these outdated rules that don’t reflect actual security. So I built Time To Hack. This Chrome extension estimates how long it would actually take to crack your password (as you type), across realistic attack scenarios using entropy analysis, pattern recognition, and modern cracking models.

Comments URL: https://news.ycombinator.com/item?id=43885029

Points: 3

# Comments: 0

Article URL: https://github.com/TuGraph-family/chat2graph

Comments URL: https://news.ycombinator.com/item?id=43884938

Points: 3

# Comments: 0

Article URL: https://seanjkernan.substack.com/p/13-signs-you-used-chatgpt-to-write

Comments URL: https://news.ycombinator.com/item?id=43884933

Points: 3

# Comments: 0

Article URL: https://www.reuters.com/markets/wealth/berkshire-shareholders-head-buffetts-60th-annual-meeting-economy-top-mind-2025-05-03/

Comments URL: https://news.ycombinator.com/item?id=43884911

Points: 2

# Comments: 0