u/Tight_Heron1730

Every other login wants more of you: your password, your phone number, a profile, a backup email. We went the other way.

- No passwords. Ever. You get a one-time link in your email, you click it, you're in. Nothing to remember, nothing to forget, nothing to steal.

- It doesn't keep your email. Most sites store your address in plain sight — so when they get hacked, it's your inbox that leaks. knowless scrambles your email the moment you type it and throws the real one away. There's nothing worth stealing.

- It can only do one thing: let you in. No "welcome" emails, no newsletters you didn't ask for, no hidden tracking pixels watching when you open a message. It physically can't send you anything but your sign-in link.

- It can't even tell if you have an account. Whether your email is registered or not, everything behaves exactly the same — so no one can poke at it to find out who's a member.

- Built against the grain. Everyone else stacks on more login layers and collects more about you. knowless does the opposite — the least it possibly can. Privacy isn't a setting here; it's the only way it works.

https://github.com/hamr0/knowless

Vanilla JS. Embed it, don't run it. No daemon, no SaaS, no telemetry — it runs on your hardware.

- bareagent — The think→act loop that drives everything. Goal in, coordinated actions out. It orchestrates the other tools as needed — a leaner stand-in for LangChain, CrewAI or AutoGen.

- barebrowse — A real browser for agents. URL in, pruned snapshot out — so the agent navigates live sites and gets exactly what it needs, no Playwright/Selenium babysitting. Works standalone or as a bareagent tool.

- baremobile — Real Android and iOS devices under agent control. Screen in, pruned snapshot out — taps, swipes, types, reads the screen. The job Appium/Espresso/XCUITest do, without the ceremony.

- beeperbox — 50+ messengers in one Docker container. A headless Beeper Desktop exposing WhatsApp, iMessage, Signal, Telegram, Slack, Discord, RCS and SMS as a single MCP server — so your agent can read and send across every network from one place.

- bareguard — One chokepoint between the agent and the world. Every action passes through a single Gate: allow, deny, or ask a human. Hard caps on cost/tokens/turns that halt with you in the loop, secret redaction, and one audit log — bounding what the agent does, not what it says.

https://github.com/hamr0

- It shows you who's watching. Every site quietly hands your activity to ad networks, data brokers and analytics firms. wearehere names them — so you can finally see which companies follow you across the web, and how often.

- It cleans up tracker cookies automatically. The long-lived cookies sites use to recognise you for months get shortened the moment they're set — no settings to fiddle with, no manual clearing. Trackers lose their memory of you.

- It blurs your device fingerprint. Even with cookies gone, you can be re-identified by tiny technical details of your browser. wearehere feeds trackers slightly-wrong, per-site answers, so the same browser looks like a different device everywhere — and the disguise rotates weekly so you can't be profiled over time.

- It reads the fine print for you. wearehere finds and flags a site's terms and privacy pages, so you know what you're agreeing to without digging through legalese.

Honest about limits: this raises the cost of tracking — it won't make you invisible. I pair it with Firefox and uBlock Origin to block requests too.

Chrome: https://chromewebstore.google.com/detail/wearehere/ajlgpjdjccjmhnojnpcmicdndcpelbjo

Firefox: https://addons.mozilla.org/en-US/firefox/addon/wearehere/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search

Built a toolbar extension that does two things at once — surfaces trackers and tightens cookies in the background. No accounts, no cloud:
- One-click popup per page: 0–100 tracking score, plain-English verdict, list of companies watching you and how (cookies, pixels, device-id, form fields).
- Dashboard with 3 tabs: overview (trend over day/week/month), watchers (who follows you across the whole web), cookie scoper (the background cleaner — caps lifetimes, demotes trackers to session-only).
- Trust list: keep cookies for sites you actually use, sweep the rest. One click per site.
- Nothing leaves the browser. No accounts, no cloud, no AI calls, no telemetry. Uninstall = every trace gone.
- Chrome + Firefox, load unpacked from the repo. Apache-2.0, detection logic credits well-known privacy projects in NOTICE.

Chrome: https://chromewebstore.google.com/detail/wearehere/ajlgpjdjccjmhnojnpcmicdndcpelbjo

Firefox: https://addons.mozilla.org/en-US/firefox/addon/wearehere/?utm_source=addons.mozilla.org&utm_medium=referral&utm_content=search

Stopped trusting commercial VPNs' "no-logs" promises. Your VPS, your keys, your traffic:

- Under 5 minutes on any cheap Linux VPS (AlmaLinux, Ubuntu, Debian, Fedora — anything with apt or dnf, ~2€/month is plenty).
- One menu does everything: SSH key setup, WireGuard install, peer generation, connect/disconnect.
- Multi-device from day one: phones get a QR, Linux laptops auto-fetch config over SSH, Macs get a paste-ready file.
- All keys generated on the server — nothing secret lives in the repo or on your laptop until you connect.
- Just wg-quick under the hood — no daemons, no GUI, no telemetry, no Docker, no Python. Pure bash.
- Also CLI: privpn connect / privpn disconnect / privpn status. Apache-2.0.

Repo: github.com/hamr0/privpn — feedback welcome.

Got tired of paying for accessing my data I already had the hardware for. Two ways in:

- Just Immich: clone, privcloud install, privcloud start. No server, no Tailscale, no compose
homework. Includes a Google Takeout metadata fixer.
- Full home server on a used 120€ mini PC (HP ProDesk G4, ~10W idle): Immich, Navidrome (music),
Syncthing (iCloud-ish sync), AdGuard (network ad block over Tailscale), FileBrowser, Uptime Kuma, Watchtower, WireGuard, RDP.
- One menu drives everything from your laptop — only step 1 needs a monitor on the server. After that it's headless and SSH-routed automatically.
- --dry-run prints every command before executing, so you can read what it does first.
- Boring stack: bash + docker-compose, standard upstream images, Apache-2.0. Drop the wrapper anytime and keep the compose file.
- AI guide context.md + full human customer guide in the repo, so Claude Code / Cursor can manage the box with full context.

Repo: github.com/hamr0/privcloud — feedback welcome, this is what I actually run at home.

- See who's watching, on every site. Companies tracking this page and how — cookies, pixels, device-id, form-field reads, clicks.
- A 0–100 privacy score with a plain-English verdict. Instant read on whether a page is fair or hostile.
- Cookies auto-tightened in the background. The scoper shortens lifetimes and demotes trackers to session-only so they can't recognise you tomorrow.
- Zero telemetry, zero accounts, zero cloud. Nothing leaves your browser — no AI calls, no sign-up, delete the extension and every trace goes with it.

Subs, threads, votes, mods. None of the rest.

- Operator runs the lights. No mod appointments, no override button, no special voice. If I go bad, fork the repo and walk.

- Sign-in is a magic link. The email is fingerprinted on arrival and never stored — same address on two plato sites gives you two unrelated handles.

- Public modlog. Enough community flags auto-collapse a post; enough upvotes after a mod removal auto-restore it. The math can override the mod.

- Plain text only, no uploads. RSS out of every sub, RSS in for your follows + replies. Interop on day one.

Live: terribic.com/about · Code: github.com/hamr0/plato

Tear it apart.

Just shipped: live-canvas skill in liteagents.

I built with Claude a skill to solve UI iteration with AI is mostly context-switching. Reload, screenshot, describe, paste, repeat. live-canvas collapses the loop — the agent generates UI variations in the browser and you click directly on the page to annotate what's wrong.

The interesting part is how feedback gets back to the model. Two transports, auto-selected:

Batch (works with any agent) — every Save writes to .claude-design/feedback.jsonl. The agent reads the batch when you say "check". No SDK, no hooks, no plugin — just JSONL on disk. Runs identically in Droid, Amp, OpenCode, and Claude Code.

Live (Claude Code only) — the overlay POSTs each Save to a local MCP channel server, and Claude Code's dev-channels feature streams it into the active session as a <channel> tag mid-turn. Annotate, see the agent react before you've clicked the next thing.

Same skill, same overlay. The skill probes the host at startup and picks the right transport without asking you. Non-Claude tools never see a "install this plugin" prompt — they get Batch and it just works.

This is the pattern I keep coming back to in liteagents: write the capability once against the lowest common denominator (a file), then layer the live experience on top where the host supports it. No vendor lock-in, no broken fallback.

→ github.com/hamr0/liteagents