- Hive Five
- Posts
- 🐝 Hive Five 222 - How to Move Fast
🐝 Hive Five 222 - How to Move Fast
The History of SSH Port 22, Surviving the Digital Extinction, AI Coding: Killing the Joy?, Raycast Lands on iOS, Judge to Apple: "This is Not a Negotiation!", Stripe CEO on Moving Fast, Replace Your $700/hr Coach with AI?
Hi friends,
Greetings from the hive!
In July 1995, Tatu Ylonen sent the following e-mail to IANA:
From ylo Mon Jul 10 11:45:48 +0300 1995 From: Tatu Ylonen [email protected]
To: Internet Assigned Numbers Authority [email protected]
Subject: request for port number
Organization: Helsinki University of Technology, Finland
Dear Sir, I have written a program to securely log from one machine into another over an insecure network. It provides major improvements in security and functionality over existing telnet and rlogin protocols and implementations. In particular, it prevents IP, DNS and outing spoofing. My plan is to distribute the software freely on the Internet and to get it into as wide use as possible. I would like to get a registered privileged port number for the software.
The number should preferably be in the range 1-255 so that it can be used in the WKS field in name servers. I'll enclose the draft RFC for the protocol below. The software has been in local use for several months, and is ready for publication except for the port number. If the port number assignment can be arranged in time, I'd like to publish the software already this week. I am currently using port number 22 in the beta test.
It would be great if this number could be used (it is currently shown as Unassigned in the lists). The service name for the software is "ssh" (for Secure Shell).
Yours sincerely, Tatu Ylonen [email protected] ... followed by protocol specification
for ssh-1.0
The next day, he had an e-mail from Joyce waiting in his mailbox:
Date: Mon, 10 Jul 1995 15:35:33 -0700 From: [email protected]
To: [email protected]
Subject: Re: request for port number
Cc: [email protected]
Tatu, We have assigned port number 22 to ssh, with you as the point of contact.
Joyce
And that's how SSH port 22 came to be.
Let's take this week by swarm!
🐝 The Bee's Knees
An Age of Extinction Is Coming. Here’s How to Survive. The digital age is changing society, with virtual substitutes replacing real-world experiences. To survive this "extinction," we must intentionally fight for the traditions, arts, and relationships we value. MORE
"I Have Cancer," the TikTok Star Said. Then Came the Torrent of Hate. Sydney Towle’s videos have drawn an enormous audience on TikTok, where her followers praise and support her. On Reddit, an army of skeptics was determined to paint her as a fraud. MORE
Lee Robinson showcases how to build products with AI using v0. Viewers asked about design systems, Tailwind CSS, Lighthouse issues, GitHub sync, and prompt priority. MORE
Dummy's Guide to Modern LLM Sampling. LLMs have a vocabulary, or a dictionary, of valid tokens, and will reference those in training and inference (the process of generating text). MORE
DeepWiki provides up-to-date documentation you can talk to, for every repo in the world. Think Deep Research for GitHub. MORE
Interested in sponsoring the Hive Five? Secure your spot.
Upgrade Yourself →
You're getting the free version. Members get more — including exclusive & bonus content, access to an online community of smart and driven people, the complete Hive Archive, deep discounts, and so much more. See what you're missing.
📰 Updates
📅 Events
OffensiveCon 2025 (May 16-17) in Berlin is packed with talks on AI, exploit development, and browser security. Day 1 features keynotes and sessions, while Day 2 dives into Android, Bluetooth, and finding old bugs. MORE
NahamCon 2025 (May 22-23) is a community-driven cybersecurity conference that's completely free and accessible online. This year offers 2 specialized tracks over 2 days: Day 1 explores Hacking AI/Hacking with AI, and Day 2 presents our signature main track. MORE
✅ Changelog
Raycast is now on iOS! Use AI voice or keyboard, access notes, snippets, and quick links on the go. MORE
Cursor's latest update makes coding easier with automated rules and a built-in diff viewer for code reviews. Plus, you can now add images to prompts and try out new models like Gemini 2.5 Pro. MORE
Lazygit v0.50.0 is out with enhancements like cherry-pick and revert improvements, plus a new "move commits to new branch" command. This release also focuses on reducing memory consumption and includes several bug fixes. MORE
Judge Yvonne Gonzalez Rogers is super pissed at Apple for not following the court's orders in the Epic Games case. Apple made it hard for developers to use other payment methods, and the judge says they lied about it. MORE
“This is an injunction, not a negotiation. There are no do-overs once a party willfully disregards a court order. Time is of the essence. The Court will not tolerate further delays. As previously ordered, Apple will not impede competition. The Court enjoins Apple from implementing its new anticompetitive acts to avoid compliance with the Injunction. Effective immediately Apple will no longer impede developers’ ability to communicate with users nor will they levy or impose a new commission on off-app purchases.”
Resend introduced idempotency keys to ensure an email sends only once, even with retries. Use a unique key (like a UUID) with each request to prevent duplicates within 24 hours. MORE
💼 Work
💰 Career
Want to boost your chances of success? Aaron Francis shares strategies to become more resilient and create opportunities, even when unexpected challenges arise. Learn how building a foundation now can help you thrive in the face of uncertainty. MORE
Elad Gil (ex-Airbnb and Twitter) discusses career navigation, emphasizing the importance of mindset, risk-taking, and adaptability. MORE
Want to be super effective at work? This article dives into how to boost your impact by developing agency (making things happen) and taste (knowing what works). MORE
🚀 Productivity
Dan Koe debunks the 80-hour work week myth, urging readers to focus on leisure and leverage for better results; work smarter, not harder. Use AI to automate and boost your productivity, and enjoy a more balanced life. MORE
Need to focus? Void blocks distracting websites on your Mac using the built-in firewall. It's a simple way to block domains temporarily or permanently. MORE
Khoj is like a personal AI assistant that you can host yourself. It helps you find answers from the web and your own documents, create custom agents, and automate research, making it your AI second brain. MORE
Tiago replaced his $700/hour coach with NotebookLM. MORE
FixBrowser is a lightweight web browser that skips JavaScript for speed, using scripts to enhance websites. Its FixProxy tool lets you browse privately by whitelisting resources. MORE
🌎 Community
🎉 Celebrate
Two friends, with no tech background, made $500k each through bug bounties, totaling $1M! It took them several years of hard work and willingness to achieve this milestone. MORE
STÖK shares the importance of slowing down and finding balance after years of hustle. He realized "good enough" is okay and encourages others to prioritize well-being over constant striving. MORE
⚡️ Zeitgeist
A security researcher reported 3 critical vulnerabilities through a vulnerability disclosure program (VDP) but only received 21 reputation points, which they felt was unfair. Many others disagreed, noting VDPs should solely be hear something, say something. MORE
What HackerNews members are working on: This thread features a wide variety of projects, from AI-powered tools for various industries (tree cutting, diabetes management) to hardware projects and creative endeavors (graphic novels, game development, a book on Estonia). MORE
Q&A With The CVE Foundation. Tib3rius interviews Pete Allor of The CVE Foundation about the ongoing issues facing the CVE Program, why The CVE Foundation was formed, and how he thinks the CVE Program should evolve under their leadership. MORE
💛 Follow
Awesome accounts to follow. Randomly selected from my curated Twitter lists.
paulg | Paul Graham.
@TechEmiiily | Pibble | Kavatender | Defcon Speaker Ops Goon | Dallas Hacker | She/These Hands.
@imranparray101 | Imran Parray | Founder of snap_sec.
@JamesClear | James Clear | Author of the #1 NYT bestseller Atomic Habits. I write about building good habits.
@tillson_ | Tillson Galloway | PhD student at Georgia Tech, internet archaeologist.
🍄 Level up
📰 Read
HTML Injection to Stored XSS and Account Takeover. MORE
Dr. Becky Kennedy helps $10M+ entrepreneurs balance work and family by setting boundaries and teaching kids about money and resilience. Her Good Inside app offers personalized parenting advice for busy parents. MORE
Many MCP environments store long-term API keys for third-party services in plaintext on the local filesystem, often with insecure, world-readable permissions. MORE
CSS Exfiltration under default-src 'self'. MORE
AI coding boosts productivity but might kill the joy of programming. Will developers find fulfillment in prompt engineering or system design, or will the lack of flow lead to detachment? MORE
"The best moments in our lives are not the passive, receptive, relaxing times… The best moments usually occur if a person’s body or mind is stretched to its limits in a voluntary effort to accomplish something difficult and worthwhile." — Mihaly Csikszentmihalyi
💡 Tips
Pieter Levels on power outage preparedness: Key essentials - backup camping battery (Ecoflow), Starlink with battery power for connectivity, FM radio, water, and a stocked freezer with BBQ + coals for emergencies. MORE
Speed up your web development with Cursor by connecting it to tools like Figma and Linear. Reuse code and designs for cleaner, more consistent results. MORE
Jasmin "JR0ch17" Landry reveals a sophisticated SSRF technique demonstrating regex validation bypass and SSRF exploitation strategies, even without cloud metadata access. MORE
Dan Go shares fitness tips he wishes he knew at 25, like taking creatine for muscles and brain health. He also suggests cardio, mobility routines, and even watching something "arousing" before lifting to boost strength. MORE
Raycast AI extensions make batch renaming files super easy. MORE
🧠 Wisdom
"Speed is a competitive advantage. Moving fast is a habit.
Most people don't realize that slowness is usually a choice.
At Stripe, we bias toward action. We don't wait for perfect clarity. We prefer doing and iterating to debating endlessly.
If something feels 80% right, ship it. If you're wrong, you'll fix it faster than your competitors finish arguing about it.
Momentum compounds. Every day you ship is a day you build speed."
Mitch Horowitz shares 101 rules for effective living, from dealing plainly to independent research. Get practical wisdom on relationships, work ethic, and navigating life's challenges. MORE
The Most Powerful Asymmetries in Life: 44 small actions with big potential rewards in your career, relationships, health, and more. MORE
Tim reveals how naive confidence fuels entrepreneurial success. By mentally tricking oneself and acting as if already successful, entrepreneurs can overcome self-doubt and achieve their goals, drawing parallels to psychological performance in fitness training. MORE
This reminds me of the following bar from King Los: "My delusion got me out of the hood, so at this point using logic is absurd"
📚 Resources
Purple Llama offers tools and evals for boosting the safety of AI models, especially for cybersecurity risks. MORE
Discover a curated list of asset discovery resources by RedHunt Labs. This repository helps you find anything and everything an organization has data on, like servers, websites, and even open-source code. MORE
Collection of leaked prompts used to control AI models. See how the "sausage is made" behind the AI curtain. MORE
Develop Caido plugins easily with the caido-community/dev toolkit. This CLI tool simplifies building and packaging, so you can focus on creating awesome security extensions. MORE
🐝 Member Edition Sneak Peek
Quickly turn intercepted requests into exploit scripts. This plugin helps security researchers create proof-of-concept code in Python, JavaScript, and Bash. MORE
Lightweight, ergonomic framework for building bug bounty-ready Cybersecurity AIs (CAIs). MORE
Self-hosted bookmark manager where you can save webpages, articles, and docs. It also saves copies of each page, so you can still see them even if the original disappears. MORE
The Member Edition
You’re currently receiving the STANDARD edition. Subscribers to the MEMBER Edition to get additional content and more.
Already a paying subscriber? Sign In.
A premium membership gets you:
- • EXCLUSIVE & BONUS content: Delve into the weekly explore section full of the best content I’ve seen and listened to this week, including TOOLS.
- • Access to COMPLETE HIVE ARCHIVE: Unlock a treasure trove of tools, resources, videos, and audio, catering to all your needs.
- • Join a private Discord COMMUNITY: Engage in chat, uplift one another, grow together, and explore shared interests.
- • MEMBER-ONLY events: Take part in digital meetups, focus sessions, and more.
- • Deep DISCOUNTS on paid content.