More

dyml · 2026-03-15T09:19:36 1773566376

Hey… if you weren't aware, the HN guidelines now include: > Don't post generated comments or AI-edited comments. HN is for conversation between humans.

dyml · 2025-11-17T08:45:15 1763369115

I also used Kagi, but decided to cancel my subscription last year when it was revealed they pay Yandex for their search, which is a Russian company that ultimately fuels the Russian war on Ukraine.

Once Kagi stops transferring money to Russia, I’d be happy re-subscribe.

ramon156 · 2025-11-17T08:52:05 1763369525

Do you have a source how funding yandex funds the war? Yandex is a great search engine, so I would hate to find out that this is true

b2ccb2 · 2025-11-17T08:58:21 1763369901

  https://en.wikipedia.org/wiki/Yandex#Legal_issues_in_Ukraine
  https://www.zois-berlin.de/en/publications/zois-spotlight/the-sad-fate-of-yandex-from-independent-tech-startup-to-kremlin-propaganda-tool

ninalanyon · 2025-11-17T09:01:15 1763370075

It's based in Russia so it presumably pays taxes and salaries in Russia.

crashmat · 2025-11-17T12:44:16 1763383456

All American companies pay taxes to America which is basically always commiting atrocities so I don't think that's a strogn enough reason on its own.

ipaddr · 2025-11-17T22:11:03 1763417463

.ru is but .com is based on Europe with different results for each.

vjvjvjvjghv · 2025-11-17T17:37:51 1763401071

I have the feeling that, if you look a little closer, a lot of products you are using are supporting atrocities somewhere directly or indirectly.

dyml · 2025-07-04T07:15:09 1751613309

I work at bitwarden and I can confirm this. While technically you have the data, any other app need to support our json format (which they totally can, our code is open source) - but CXP (the standard) is happening this year so we’re planning on using it.

dyml · 2025-07-04T07:12:06 1751613126

I worked on this standard and we’re all excited that it’s rolling out to most of not all password managers and platforms.

dyml · on Jan 28, 2025

We're enabling it by default, you can opt-out.

dyml · on Jan 28, 2025

I just want to point out that the title is wrong. 2FA is on by default, but not mandatory. Dang, can we change the title?

TheFreim · on Jan 28, 2025

The title was correct but they appear to have changed the policy since the post was made, likely as a response to feedback.

Notice that in the archive from earlier today the "Who is excluded from this account email-based new device verification?" section did not have the new fifth bullet point about being able to opt-out:

https://web.archive.org/web/20250128011007/https://bitwarden...

Thought it was worth pointing this out since I've already seen people reply to old comments thinking people didn't read the article without realizing it was later changed.

dang · on Jan 28, 2025

Ok, we've done that now. (Submitted title was "Bitwarden introduces mandatory 2FA for new devices".)

dyml · on Jan 28, 2025

I work at Bitwarden and I have that same pet peeve! Let's see if I can get a PR up without causing a UX stir :)

dyml · on Dec 6, 2024

Very unfortunate and caused me to cancel my subscription immediately. Any alternatives that people can recommend to someone who throughly enjoyed Kagi?

I really hope they reconsider their arrangement.

carlosjobim · on Dec 6, 2024

I heard Yandex has pretty good search results.

dyml · on Sept 29, 2024

Please don’t use WebAuthn on every page load.

Two reasons: the protocol is not designed to do this - and the UI/UX is not designed to support this. There are better ways.

2) it will likely not work. There are virtual/software authenticatators (available in dev tools) that could generate a valid response without a human.

jeroenhd · on Sept 29, 2024

FWIW using WebAuthn to start a session, set up a cookie, and validating that cookie to get access seems like a pretty usable pattern. Not much more invasive than the "checking your connection" screen Cloudflare likes to throw.

dyml · on Sept 2, 2024

Use a password manager, like Bitwarden