Show HN: I built a real-time OSINT dashboard pulling 15 live global feeds

Original Article ↗ Hacker News Discussion ↗

Project concept & overall reception

  • Tool is a real-time OSINT-style dashboard aggregating multiple global feeds (e.g., aircraft, ships, satellites, news).
  • Many comments are impressed with the scope and “movie hacker” UI; several explicitly say this is a strong demo project.
  • Some compare it to other recent OSINT dashboards and pandemic-era trackers, noting that such dashboards have become the new “todo app” demo.

Architecture, tech choices & improvements

  • Backend: FastAPI with frequent GeoJSON updates; frontend: Next.js with MapLibre; Playwright is used via a Python wrapper around Node tooling.
  • Current design streams raw GeoJSON every ~60s for smooth “blip” animations; vector tile solutions like PMTiles/Martin are discussed as future options, mainly for static or historical layers.
  • Suggestions include: plugin-style architecture (sources/filters/sinks), richer data sources (RSS, subreddits, Ground News, GovTrack, politicians’ social feeds, EMM), and a clearer “air and space awareness” description instead of “full-spectrum geospatial intelligence.”

Installation, reliability & hosting

  • Multiple users report the app initially “shows no data” or is “broken” on Windows, macOS, and Linux.
  • Root causes mentioned: missing .env API keys, Python version mismatches, outdated dependency versions, and frontend scripts hard-wired to Windows Python.
  • Workarounds shared: specific requirements.txt versions and using newer Python; some still hit Node script errors.
  • Dockerfiles exist; self-hosting on a VPS is considered straightforward. For casual sharing, suggestions include Cloudflare Tunnel, Ngrok, or private networks (Tailscale/ZeroTier).
  • A similar hosted project (worldmonitor.app) is repeatedly referenced, though at least once it’s reported down.

Security, keys & leaks

  • Early zip release accidentally included .env files with API keys; commenters point this out as a classic OSINT find.
  • Concern about exposing API keys in a hosted settings page; suggestion is to store keys in the backend and issue short-lived session tokens instead of client-side storage.

Ethics, seriousness & “AI slop” concerns

  • Author explicitly warns against operational or military/intel use; commenters joke it may still appear in conflict-related news.
  • One commenter with defense experience contrasts this hobbyist OSINT with massive classified systems requiring sensors, anti-jamming, and rigorous change tracking.
  • Meta-discussion: rising skepticism toward LLM-assisted, quickly built projects; some see them as disposable “plastic cutlery,” others argue this implementation looks reasonably solid.