I used to work for a large financial services company who bought 4 storey office block and fitted it out with very small but with own door individual offices that had internet and a connected desk phone so that companies could rent them and say they had more than a box office address in that European capital, I never found out what the rent was.
Just posted it here: https://news.ycombinator.com/item?id=47601608
Thank you so much for the coffee offer, that genuinely made my day! I don't have a sponsor link set up. Honestly, the best support is just hearing if this actually helps you ship your personal project faster without losing your mind to prompt engineering. I really hope it gives you your sanity back. Let me know how it goes!
Comments are marked dead by automatic processes, not through downvotes. They're dead before anyone sees them, and you can't vote on a dead comment. amangsingh's comments have probably triggered some automated moderation. Probably at least partially because they sound LLM-generated.
Spot on regarding the automod. Unfortunately, the way I naturally structure my writing almost always triggers a 50/50 flag on AI content detectors. It is the absolute bane of my existence.
The filter instantly shadowbanned the Show HN post when I submitted it, which is why the link was dead for a while. Thankfully, human mods reviewed it and restored it. The link is fully live for a while now!
Noticed that and was wondering, thanks for the explanation. Does this imply that human-people need to go “vouch” for the flagged comments to bring them back into HM’s good graces?
The only option for cookies is to accept these terms and conditions, I thought implied consent was explicitly not allowed due to GDPR?
"To help personalize content, tailor and measure ads and provide a safer experience, we use cookies. By clicking or navigating the site, you agree to allow our collection of information on and off Facebook through cookies. Learn more, including about available controls:
No. 2 is interesting, our national lottery in Ireland has an app that you can scan the barcode on your ticket to check if you have won or not, at some stage they updated the app and the scan picks up the barcode even before you center it on the screen and tells you if you have lost/won instantly, I though it was my IT background that made me uncomfortable with it happening so fast, wonder what other examples like this exist where the result/action being too fast causes doubt with the user?
The Signal device linking feature is just as fast. It's partly a trick -- it will look for QR codes even outside the central area, so under good conditions it can get a read before you even get a rough orientation.
Thanks for posting that, there are a lot of quotes that resonated with me. I've had a personally and professionally tough year and will be losing my job in the new year, 50/50 my own fault for disengaging after a reorg at that start if the year. I'm not overly worried and will be taking the payoff to throw my hat in the small startup ring but this quote still struck a chord and made me feel more positive:
“If you hit a wrong note, it’s the next note you play that determines if it’s good or bad.” (Miles Davis)
Enjoy the holidays everyone and remember to look out for each other, we lost a close family member to suicide and new born nephew that only lived a few precious hours this year. Family and friends first, and no more letting others decide my future are my goals for 2026. If anyone is struggling, even if you can't see it people want to help, take that hard first step and ask for help, friend/family/doctor/helpline/anyone, it gets easier after that, it's a step I took myself a few years ago when in a bad place mentally and it turned my life around, my only regrets are I didn't ask for help sooner and I kept my struggle and recovery largely private, I will regret to my dying day that I wasn't more open to my extended family and maybe if that person saw someone else recover they might have taken another road. Apologies for the ramble, the quotes and typing this comment caused a small unplanned reflection on 2025, I was going to delete all this but thought it might help someone. Thanks HN for keeping things interesting and once again pointing me at something that made a difference!
Some time ago I was looking for a chassis like that one, minus the lawnmower hardware, to build something that could "patrol" around my home, which has some irregular terrain that would probably have anything with non huge wheels flip over or get stuck. All I could find are interesting metal robot chassis on Aliexpress which were however way overpriced considering the much smaller size and crappy plastic tracks.
I'm Irish and have a common firstname.lastname@gmail.com
At some point the head of a national hospital thought he had that address and wasn't using his official email for everything, I got several emails that should not have been for me and some were quiet sensitive, I always emailed back the sender to let them know and eventually I emailed his secretary as it kept happening. I've also received purchase order confirmations from Australia, building contracts from Canada, HR emails from a university to which I had to confirm I had deleted the mail as letting them know led to GDPR investigation
I’m in the midst of a similar situation. My firstinitial.lastname email keeps getting very sensitive legal documents from law firms handling the case of someone who does not seem to know what their actual email address is. I called the firm and told them they needed to have an in-person meeting with their client and get a correct email address from them. That seemed to help for a few months. But now I’m getting emails again from a different law firm.
And I worked IT for legal firm, if we were not sending documents over email, we would get replaced by the client.
I spent 3 months on secure document transfer portal system, got scrapped after 4 months because clients wanted their forms as Word/PDF and they wanted them without hopping through any hoops.
Yes I know this was about wrong delivery address (person with same name, wrong account); the point is that email is not completely secure - certainly not for very sensitive (legal) content
Gmail can be fetched via IMAP and leave Gmail's infra entirely. And I don't think Google guarantees that their implementation stays fully on their own owned infra. It's a reasonable assumption but I'd never trust that for a security guarantee.
Email is not an end-to-end secure data protocol without the use of client side encryption/decryption like PGP/GPG, but even then, sender/receiver and time are all in the envelop metadata.
Probably because Law Firms arent necessarily computer security firms. Lots of people have terrible op sec. Additionally if you the recipient are on gmail it stops mattering, now Google knows your legal woes.
Exactly, I’d never use Gmail for anything sensitive. Even for just personal emails I use my own mailserver.
(And again, for truly sensitive stuff I don’t use email at all)
Sure even though, as most others, my server supports TLS, having your email not leave gmail at all may be slightly more secure.
Part of the point however was that when either server or receiver is using Gmail, your possibly confidential email content is still in Google’s hands. Using a personal server reduces that part of the attack surface. Still this does not mean I vacate my overall point that email in general is suboptimal from a secop standpoint.
Why’s that even relevant if the recipient is the wrong address? Email isn’t particularly secure anywhere, and gmail has forwarding and IMAP and aliases and other services that send emails outside of gmail. But sending sensitive documents to the wrong recipient, which was the topic that started this sub-thread, is a case where it does not matter how secure your servers are.
Sure it is, and your own comment above about gmail to gmail being fairly secure demonstrated that. Using a photocopier is intentional, and everyone knows what a photocopier is. Most people don’t know what IMAP is, and an email sender does not know if the recipient uses IMAP.
And this is still irrelevant to sending email to the wrong recipient, so I don’t know why you’re stuck on infra security.
Even if the law firm uses a Gmail account - which most of course don’t - Google still has access to your sensitive legal email content.
(And that’s apart from the meta data leaking)
if you attach documents by linking to a Google Drive document, sure.
if you attach documents 'inside' the mail (i.e. MIME encoded multipart) that is most definitely not secure.
1) you do not know how that mail gets delivered, not necessarily via servers that support encryption
2) you do not know how that mail, or the attachment, gets stored on the local machine
3) you do now know if the mail, or attachment, is sent to someone else
4) you cannot revoke the access to the document once the Need To Known stops
In our ISMS, sending Highly Sensitive data (ex: customer data) by attaching directly to a mail, is strictly not allowed by the IT charter. We explain it during an on-boarding meeting to all new staff members. And it's a fireable offense.
There are several people with my name at the company I work for. I frequently get email meant for someone else.
Worst was at another company where a person with the same name has just left, so they gave me that email address. Turned out he was subscribed to several Confluence pages for which I now received updates. But I didn't get his Confluence account, so I couldn't unsubscribe from those updates.
I have a canonical gmail address for what I thought was not such a common name pair. I get so much sensitive stuff. I used to email the sender but I have given up. One of them runs a business and the businesses that interact with his business just keep emailing me. Or stop for a couple of years, change personnel and start right back up.
Same here. My Google Account is something along the lines of jose86@gmail.com (a common hispanic first name + birth year; I'm German).
It's unusable. I have received full blown mortgage applications from couples in Mexico (including paystubs, tax forms, credit ratings, phone bills, passports). Mostly, these days, it's transaction notifications for a guy in Nigeria and phone bills for people in South America.
I have myname.wifename@gmail.com (we use it for bills, children activities, and other family stuff where you can't register more than one email address).
Neither of our names can be confused with a last name and yet I had multiple people writing to it incorrectly, including: as the email attached to a Diners credit card (I called Diners and they asked me what's the right one and "if I don't know the right one how do I know that it's wrong"), as the email for a school 400 km from home (another family must have had the same idea), once for some lawyer stuff (I then learnt that about 100 people in Italy do have my wife's name as a very uncommon last name), and lately as the recovery email for another Google account.
Your use case is why I bought my own domain name. My wife and I create shared aliases we can both send from. It’s made spousal ensuing with schools so much easier, etc.
I used to get email for an org that had a similar domain as me (they had an extra letter in the middle). Thankfully, not a very big org, I would just bounce addresses that got a lot of misdirected email and I think they shut down and that really solved the problem.
Still annoying, but not as bad as gmail. I just got an email, in Italian, about someone adding a passkey to their ebay account. No way to tell ebay it's not their address / it's not my account.
Similar boat (~25 years) and, while I've run into some sites/services that rejected my domain, I'm pretty sure it's happened fewer than 5 times, total.
YES! I have no idea if we're related, but imagine the surprise when you "first get internet at home", and my father and I decided to search our surname on Altavista, and we found foosball tables and tournaments!
> I'm Irish and have a common firstname.lastname@gmail.com
At the risk of nitpicking, @gmail.com email addresses use a dots don't matter policy [0] so really you have a common firstnamelastname@gmail.com and are free to add dots wherever you like.
Recently learned, to my surprise, that other major providers have not followed Google’s lead on this, so there are plenty of places dont.scam..me@ is a valid email (social engineering or typosquatting).
Judge raised concerns over whether or not the man was in breach of the anonymity order granted by the Circuit Court judge if he had submitted details of the case, which could identify the alleged victims, to the online AI tool.
reply