return to table of content

Show HN: Markdown HN profiles at {user}.at.hn

neilv
16 replies
3h31m

Just be a little careful, or the OnlyFans people might hear there's a new "social" where they can promote.

(For example: LLM-assisted forum presence, combined with profiles with oh, hey there, I have an OF, lol, combined with tech industry disposable incomes... I'd guess would pick up a couple new whales worth the effort. Now that Reddit presumably has been picked clean.)

deadbabe
8 replies
3h23m

Around here I think you’d have better luck selling tiny cute looking computers with tiny screens and open source hardware.

jpmattia
3 replies
3h13m

Tastes around here definitely vary. I prefer curvy monitors with big CPUs.

ht85
1 replies
2h46m

Does your curvy monitor support touch?

rrr_oh_man
0 replies
2h12m

It also has 4 ports

8n4vidtmkvmk
0 replies
2h44m

Man oh man, do I have the CRT for you!

dcminter
2 replies
2h52m

Uh ... do you have a link for this? Just (mostly) joking...

lja
3 replies
1h52m

Any OF models would be met with HN users over-explaining their own economics to them and how it's a terrible business that'll never work. These models will also learn they don't even have a moat to differentiate themselves from other offerings and should keep their development jobs. :)

SkyPuncher
0 replies
1h17m

This is a punny comment

derefr
0 replies
33m

I don't think people discovering these profiles on HN is the concern here.

The true problem with OF models is due to an iterated mutual tit-for-tat strategy between OF models and popular groups on social media platforms:

1. OF models (or people acting on their behalf) want to promote themselves using popular groups/pages/channels on social-networks — they spam posts to these places, seeming to be authentic engagement, in ways that get people curious to look at their profile; and where their profile on the social network then directs those people to their OF profile.

2. The popular groups/pages/channels on social networks are inundated by spam from these OF models, and so attempt to use automated measures to detect and block posts from posters who link to OF on their profiles.

3. OF models/their agents try to work around this by indirecting their OF profile behind "make an About You page with links" services like carrd.co.

4. The popular SN groups respond by also blocking profiles containing links to these "About You page" services (because, keep in mind, the SN profile already works as an "About You page", so there's no need to link to one of these, when you could just past in the contents from it instead. The only people who link to these pages from SN profiles are OF models.)

5. And OF models/their agents try to work around this, by finding ever-more-obscure "About You page" services, and/or profile pages on other social-media services, to get ahead of the moderation.

This at.hn service looks great, but it would sadly be exactly the kind of service referenced in step 5.

rmbyrro
0 replies
55m

I think the median HN user is a lot healthier than you suggest.

jjmarr
0 replies
1h18m

Aella already has a stranglehold on the HN demographic.

LordDragonfang
0 replies
2h38m

Nothing stops people from doing that in their profiles now... and it's not like this is even an official hn feature, so either way they're linking to an external site.

HN has better moderation than any other site I'm aware of, I trust it to be robust against that kind of spam.

mike-cardwell
14 replies
5h17m

There seems to be some weird encoding issues and failure to convert URLs to links properly, for my profile - https://mike-cardwell.at.hn/ - Also, some of the indenting and white space is broken making the PGP signature invalid

padolsey
11 replies
5h3m

Whoops. Yeh I'm working on the encoding thing atm. Thank you for flagging! EDIT: I'm relying on the 'marked' npm package for markdown and it is handling the linkification of URLs, sometimes badly. Shall work on it.

padolsey
7 replies
4h53m

Yeh I'm sanitizing already thankfully. I've fixed the decoding issue, but I'm expecting some % of users to be borked for a whole other variety of quirky reasons.

diggan
6 replies
4h51m

Nice :)

Ah, I bet you discovered that subdomains aren't case-sensitive while HN usernames are case-sensitive, didn't you? :)

Edd1CC
5 replies
4h44m

HN usernames aren't case-sensitive:

That username conflicts with an existing one. Names are case-insensitive. Please choose another.
michaelmior
3 replies
4h35m

That second one doesn't give me a 404 but correctly shows your profile.

tracker1
1 replies
57m

maybe wrap it in three backticks on a line before and after?

tracker1
0 replies
48m

For example...

    Markdown Content
    ...
    ```
    -- BEGIN PGP...
    https://news.ycombinator.com/user?id=yourname
    yourname.at.hn
    --- signature
    ```

trustinmenowpls
1 replies
4h45m

The link to your public key is missing the colon after the https

mike-cardwell
0 replies
4h13m

Good catch. Thanks

ilaksh
11 replies
3h40m

How hard is it to export all of the comments someone has written on HN? I have been thinking about converting my HN comment history into something like a blog. Each entry would show the title of the submission, link if applicable, and the comment and link to comment thread.

Maybe you could provide that service for a small fee.

https://github.com/runvnc/hncomments

opjjf
2 replies
3h30m

The Hacker News BigQuery data makes this quite easy:

select * from `bigquery-public-data.hacker_news.full` where `by` = 'ilaksh' and type = 'comment' order by timestamp desc

EDIT: seems this is out of date

arp242
1 replies
2h14m

I wrote a simple program a while ago to just download all of https://news.ycombinator.com/threads?id=arp242, with my cookie set. Upshot of this is that it will include scores and flagged comments, which public sources won't have. It's useful to filter comments.

To be honest I don't remember what the exact status is; it should work because I have a large TOML file with all my comments. But I don't recall if there's anything "TODO" or if I just forgot to publish it.

Need to put your cookie in the variable at the top.

https://gist.github.com/arp242/4f88069cdc8166d21aa26daac7ffe...

HeatrayEnjoyer
0 replies
40m

How do you access the flagged comments?

koolala
0 replies
3h38m

too hard? too easy? i dont know?

crazygringo
0 replies
2h12m

Genuine question, how is that any different from just your list of comments on HN? What you're describing seems pretty identical to:

https://news.ycombinator.com/threads?id=ilaksh

Is it just that you want to host it on your own domain?

GeoAtreides
0 replies
1h36m

export all of the comments someone has written

Please remember that users gave a license to their content only to HN, not everyone. Using their data without their consent might come afoul of copyright laws.

michaelteter
9 replies
5h4m

And are you prepared to respond to GDPR and other jurisdiction requirements of data collection and management?

p-o
4 replies
4h53m

Aren't you jumping the gun a little bit? While it's a valid question, it's very premature.

Symbiote
3 replies
4h36m

It's not premature; it's something to consider whenever sharing people's personal data on the internet.

The GDPR does not apply "in the course of a purely personal or household activity and thus with no connection to a professional or commercial activity" [1].

However, that does not extend to generally sharing the information on the internet [2] as that's no longer purely personal.

[1] https://gdpr-text.com/read/recital-18/

[2] https://law.stackexchange.com/questions/92229/what-does-hous...

dylan604
2 replies
4h26m

How does the fact that the user opts-in for the service by manually adding the tag to their profile so that information they personally added could be shared get considered by the GDPR?

d1sxeyes
1 replies
4h7m

Not sure and IANAL but the GDPR text is a bit weird on that. Article 9 has section e) which says that information 'manifestly made public' relating to 'special categories' is excluded.

What's weird is there seems to be no such exclusion for personal information which does not relate to special categories.

Having this 'opt-in' certainly seems to tick the box for consent.

However, if reproducing information from a publicly available bio would fall foul of GDPR requirements, then I think there are bigger fish to fry than a hobby project made by a guy who at least seems to trying to respect people's preferences.

Symbiote
0 replies
4h4m

Although I wrote "it's something to consider", from what I can see the developer has already considered this sufficiently for the scale of the project.

padolsey
1 replies
4h23m

My hope is that, since it's opt-in, and people are publicly publishing this stuff, It'd be alright. Dunno.

stickfigure
0 replies
3h35m

You will get haters and armchair lawyers no matter what you do. Ignore the trolls.

jdiez17
0 replies
4h21m

No action is needed if OP doesn’t store unnecessary info or use spyware

d1sxeyes
0 replies
4h22m

Usual note that IANAL, but looks like this service is opt-in, and only relists data which is already public on a user's HN profile.

If a user removes the reference from their bio, then the user's profile will be essentially inaccessible through the service (although technically the cached version would still be on the server. Adding a check to delete the file which matches the user's hashed ID here[0] would take care of profile deletions on subsequent accesses.

Failing all that, a user could request deletion and OP could delete the user's file manually.

There's nothing that seems overly onerous to implement to be (at least) GDPR compliant.

[0]https://github.com/padolsey/at.hn/blob/d4ca6702c558edf736652...

padolsey
3 replies
4h24m

Well I mean... I like the idea of you having autonomy over your own bio .. :P I kinda want to see how this xss vuln plays out.

ecmascript
2 replies
4h21m

Haha yeah, I realized he fixed the obvious one with javascript injection but since markdown doesn't convert html I figured a normal html redirect would work and it did!

padolsey
0 replies
4h12m

Cheeky. Fixed lol

neogodless
0 replies
4h7m

Has this already been cleaned up? I opened the link and it did not redirect. I viewed source and I do not see "<meta http-equiv="refresh"...." in there.

(Using Firefox)

EDIT: nvm I see my sibling comment just now.

pmx
2 replies
4h28m

By attention he means it redirects to adult content.

ecmascript
1 replies
4h25m

Not really, unless you have visited the site before. I guess you already have accepted the warning on their front page lol.

Sad that you are a party pooper tho! I was being nice and warned you and here you are, removing the fun.

pmx
0 replies
4h14m

It's not fun when people end up with that domain in their history on corporate networks. Fun would be redirecting to a rickroll, what you did is malicious.

tomaytotomato
0 replies
4h27m

Well played, thankfully I know the keyboard shortcut to close a tab rapido!

xyst
6 replies
4h53m

The 2 letter domain must have been a premium.

Cool project.

padolsey
5 replies
4h52m

$100 but worth it for the fun!

dylan604
4 replies
4h28m

that's a steal. I can spend that in a single night at the pub, so yeah, for what it is it is a no-brainer.

the only hesitation is how stable is the 'hn' TLD?

Edited for ID10T too early in the morning issue

qingcharles
2 replies
4h7m

I think you mean "hn" tld?

dylan604
1 replies
3h47m

oops, yeah, but still, same question

slig
0 replies
2h17m

Looks like it's $64 on Regery.

jstanley
6 replies
5h9m

I updated my profile but I don't see any change on my at.hn page - how long does it cache for?

jstanley
2 replies
4h57m

That doesn't seem to be necessary, https://jstanley.at.hn/ works fine?

gabrielsroka
1 replies
4h50m

It's running the script tag from your profile.

  <script>alert(1)</script>
Are you testing it?

jstanley
0 replies
3h53m

Yes, it's updated now.

sccxy
1 replies
4h59m

You failed at step 1 of instructions...

To opt-in, paste "{your username}.at.hn" anywhere in your profile's 'about' section.
jstanley
0 replies
4h57m

OK, that doesn't actually appear to be necessary because mine works without opting in.

"2. Go to https://{username}.at.hn?refresh." did the trick.

Brajeshwar
6 replies
3h59m

Man, that is a costly domain TLD to be playing around with. Nice 2-character domain you got. Best of luck and have fun.

padolsey
2 replies
3h56m

I'm chuffed as it was only $100 ! :p

jonplackett
1 replies
3h52m

What’s the renewal cost?

hhh
0 replies
3h44m

.hn is an expensive tld, and none of the 2-character repeating domains are available either.

abcd_f
0 replies
3h47m

.hn is a tld of Honduras.

Renewal and registration fees seems to be the same, so it's not bad.

EGreg
0 replies
3h21m

Watch out and take care!

diggan
1 replies
3h50m

The wording of:

To opt-in, paste "{your username}.at.hn" anywhere in your profile's 'about' section.

Is slightly incorrect, I think.

Everyone seems to visible by default, opted-in or not.

However, the ?refresh thing is locked down so you need to opt-in before. But by default, every user page is accessible on at.hn, even if you don't have the link in your profile.

geertj
0 replies
3h47m

Mine is not visible, and I did not opt-in.

smileybarry
0 replies
40m

I assume his profile was used by @padolsey as a test and manually opted-in

flawn
0 replies
41m

i think the dev of at.hn just added him for testing reasons.

INTPenis
3 replies
5h24m

I'm getting Internal server error 34. Which is one I'd never seen before. ;)

Draiken
2 replies
4h14m

Same here... HN kiss of death maybe? Too bad. Looks fun.

FredPret
1 replies
2h20m

All three of us have capital letters in our usernames and empty profiles, and an internal server error.

JimWestergren
0 replies
1h2m

Same for me, also using capital letters ...

Black616Angel
3 replies
5h21m

Does this not work with upper case letters? I only get "Internal Server Error 34".

padolsey
2 replies
5h15m

Yikes you're right. I need to come up with a way to solve that. Maybe a param or path to lock in the username like abc.at.hn/Abc ... I'll have a go. EDIT: for now I'm tired and off to bed but if someone has a graceful/simple way to handle the non-lowercase usernames, please come forward.

tracker1
0 replies
1h4m

HN seems to support using lowercased names for the /user?id=(lowercased-name) ... if you just need to translate for lookup. Not sure about things like underscores or other characters.

diggan
0 replies
3h51m

if someone has a graceful/simple way to handle the non-lowercase usernames, please come forward.

Graceful? No. But simple? Yes.

Scrape every single username on HN to some local storage (even a file on disk would be enough, HN is relatively tiny), then lowercase all of them into a second column in the file. Refresh this file once per day.

Now you have a map of UserName <> username that you can use for lookups :)

user_7832
2 replies
5h19m

Nice project, just wanted to mention that Ducky looks like he has quite a personality!

Btw what do you mean by > Note: Outgoing links are rel=nofollow unless you're >200 karma (anti spam)?

I guess the links aren't hyperlinked or something?

latexr
0 replies
5h9m

https://en.wikipedia.org/wiki/Nofollow

nofollow is a setting on a web page hyperlink that directs search engines not to use the link for page ranking calculations.
Retr0id
0 replies
5h12m

nofollow is basically just a hint to search engines that site A doesn't necessarily endorse site B by linking to it

udev4096
2 replies
5h28m

This is awesome! How are you handling the addition of subdomains?

OptionOfT
0 replies
5h24m

In Cloudflare (for example) you can put in:

    example.com -> 1.2.3.4
    *.example.com -> CNAME example.com

INTPenis
0 replies
5h24m

I'm not the author but anything like this is likely done with a wildcard DNS entry. So basically *.at.hn points to a server app. This app can then see which domain was requested and do whatever it wants with this string, like treat it as a username.

longerd2
2 replies
3h55m

Usernames in domains means, in many cases, the ISP learns peoples usernames.

mcny
1 replies
3h51m

instead of going to dang.at.hn directly, I am archiving it at https://archive.ph/wip/0acmv so only me, and the fine folks at archive.today, and of course everyone on HN will have access to dang's username :D

diggan
0 replies
3h48m

so only me, and the fine folks at archive.today, and of course everyone on HN

+ the rest of the ~20 organizations/domains being called from that page: https://i.imgur.com/CYSDJp0.png

ziml77
1 replies
4h28m

Kinda minor thing, but the generated HTML isn't technically valid. The meta and style tags are supposed be inside the head tag (as supported by the MDN docs on the tags and the errors shown when you view source in Firefox).

pietmichal
0 replies
4h28m

Don't worry, WebKit devs will update Quirks.cpp soon!

xalava
1 replies
4h34m

Fun idea!

- The first bullet point does not seem to be recognised (on your profile and mine). - webp images do not work?

padolsey
0 replies
4h28m

Bullet point issue ~fixed just now. Thanks for flagging! Webp, hmm, looks visible here..

nanochess
1 replies
2h34m

Really nice! For a moment I thought it was official. Anyway I've edited my bio and have been waiting like 20 minutes for it to be updated in the site.

SushiHippie
0 replies
2h21m

You need to go to

  https://nanochess.at.hn?refresh
I did so, and it updated your bio :)

latexr
1 replies
5h16m

opt-in only by adding a slug to your bio

I really like this. It’s respectful of people’s wishes to not be added to any random site, and at the same time the way to give consent advertises the service.

Ethical and effective business practice? Yes, please. If only all things posted to HN were like this.

PS: It says something about my disillusionment with most software projects these days that I have nothing but praise to give to this one, yet all the while I can’t shake the feeling of “I hope I don’t regret those words”. Anyway, that’s a “me” problem. Congratulations on the launch, and best of luck.

dylan604
0 replies
4h31m

It says something about my disillusionment with most software projects

My disillusionment is I don't trust any of you. My devices have so few apps, that it could almost be mistaken for a clean install. In coding, I use very few libraries because I don't trust anyone. I don't have time to read all of the code of the dependencies. Also, by using libraries, I don't learn how to do what is needed to be done. I hate black boxes. Between bad packages including malicious/bad dependencies in an otherwise acceptable package or flat out devs pushing something that looks useful for the sole purpose of pushing bad code, it's just not worth my time.

Not sure if disillusionment is the right word though. It's close, but the lack of trust doesn't come through.

barbazoo
1 replies
2h15m

So often I see people sharing something that seems driven mostly by the availability of some domain, instead of being idea first, then domain. I find that an interesting niche of human history.

Brajeshwar
0 replies
1h55m

I own phone.wtf and I crafted my phone usage pattern into a message to fit within the domain narrative. ;-)

yellow_lead
0 replies
5h22m

When I refresh I get

Internal Server Error 34

Cool idea though, will try again later.

willvarfar
0 replies
4h19m

so perhaps some kind of collaborative filtering or cohort graph or AI summary can be added on top of this? What other users often comment on the same kinds of stories? Who often replies etc? What kind of stories do they engage with? Etc.

valtlfelipe
0 replies
4h7m

Great idea! Love the simplicity.

splatzone
0 replies
3h37m

Nice implementation!

max_
0 replies
3h32m

My username has an underscore, _

so it doesn't show up.

Oooops ....

longerd2
0 replies
5h0m

[click with mouse wheel](javascript:alert(2))

hunkins
0 replies
2h20m

Love it, great work!

Pr0ject217
0 replies
3h15m

Internal Server Error 34

IanCal
0 replies
5h20m

That's a cool idea, I like it. Will check it out when it's up and running again.

If this slips of the first page, I hope you get to resub when things are a little more stable.