Very interesting. Having looked at NoScript it seems like you can disable LAN as a default value under the allow tab.
Readit Newstmdetect commented on Ask HN: Why does the US Visa application website do a port-scan of my network? · Posted by u/mbix77
Funny. I definitely knew there were some unique characteristics, but this took it to a new level.
tmdetect commented on Some users report their Firefox browser is scoffing CPU power theregister.com/2025/08/1... · Posted by u/homarp
Local translation has been pretty useful for me. It's obviously not as good as fat commercial models used by e.g Google Translate, but get the point across often enough that I almost stopped using those commercial engines. What's interesting is that this only useful ML service came out from collaboration with several European universities and was mostly an academic project, polished by a commercial interest into a useful service. Makes an interesting comparison with those pipe dreams conjured up by Mozilla business suites that set fire to millions of dollars and ended up with nothing.
Agree, the local translation is borderline unusable. I've had to change browsers as a result.
As a frequent temp mail user (for privacy reasons) I wish these things didn't exist..
I appreciate your sentiment, and agree to a point. There’s a time and a place for both disposable email addresses as well as blocking apis.
Assume you offer a free trial with LLM capabilities. There’s a very real cost associated with multiple signup abuse. You can card capture or KYC, but now there’s more friction and greater loss of privacy.
I’m working on https://tempmaildetector.com and more specifically a Wordpress plugin to support it: https://wordpress.org/plugins/temp-mail-detector-block-tempo...
The plugin offers users a way to input their own block lists, a pre-existing one, or make use of the API which is constantly getting updated.
As a first time Wordpress plugin developer, the approval process was a bit slow but it’s like that for a good reason.
tmdetect commented on Google spoofed via DKIM replay attack: A technical breakdown easydmarc.com/blog/google... · Posted by u/frasermarlow
The author writes:
> "Here is the URL from that email [..] https://sites.google.com[...]"
THAT link is the first red flag, and I think the author should say so right there, not three paragraphs later.
A red flag for you yes, but your parents?
tmdetect commented on Google spoofed via DKIM replay attack: A technical breakdown easydmarc.com/blog/google... · Posted by u/frasermarlow
This is terrifying. Imagine trying to explain to a relative the lesson of this post: always be suspicious, even if the email is from a trusted domain and dkim/dmarc/spf all pass… it doesn’t feel good to imagine their reaction.
This is still limited in what you can do though. For example you can’t use this to forge messages from other people’s Gmail accounts.
> When the message is forwarded, the original DKIM signature usually remains untouched as long as the email content and headers covered by the signature are not modified
It does seem surprising the To: header isn’t one of the headers that is covered by the dkim signature. They should just change how their signing is configured, and email clients should warn when the email is legit but the intended recipient could have been changed.
My advice here is pretty standard: If you get an email that requires an action, go to the website directly. Don't click any links.
It adds friction, but does solve the problem. For banking/systems, I'd much rather have the friction.
tmdetect commented on Ask HN: Startup getting spammed with PayPal disputes, what should we do? · Posted by u/june3739
I think it’s fairly clear from everyone’s comments that this is a card testing scheme. Now it’s how you respond to it that matters.
You’re essentially playing a game of cat and mouse. There’s 12 new domains added today for one provider for example [0].
Use a 3rd party api to block these (disclaimer, this is what I do) and keep layering your security. Note that I’ve seen an increase in gmail temporary email providers, so while many here will disagree, blocking plus emails and . emails is absolutely a valid tactic during this attack period.
tmdetect commented on I'm blocking connections from AWS to my on-prem services consulting.m3047.net/duba... · Posted by u/m3047
Wireguard. Actually I setup also 2nd backup tunnel in case some upgrade or change messes up the first one.
+1 to WireGuard. For people new to it, there are some great scripts which set up and configure it for you like https://github.com/Nyr/wireguard-install
* uBlock Origin and Lite have it as an option under Filter List > Privacy > Block Outsider Intrusion into LAN
* Brave prevents it, tested with Aggressively block Trackers and Ads.